urlscan.io logo urlscan.io
SecurityTrails logo

o.canada.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Effective URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Submission: On August 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 5 countries across 32 domains to perform 118 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is o.canada.com.
TLS certificate: Issued by GTS CA 1D4 on June 13th 2023. Valid for: 3 months.
This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.111.67.160 396982 (GOOGLE-CL...)
2 34.111.249.109 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.32.113.217 16509 (AMAZON-02)
2 23.56.202.187 16625 (AKAMAI-AS)
1 13.225.78.96 16509 (AMAZON-02)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 18.66.112.45 16509 (AMAZON-02)
17 34.117.54.29 396982 (GOOGLE-CL...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 18.185.12.185 16509 (AMAZON-02)
1 184.30.211.26 16625 (AKAMAI-AS)
5 34.149.157.221 15169 (GOOGLE)
5 2600:9000:223... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 4 108.138.7.113 16509 (AMAZON-02)
1 151.101.130.133 54113 (FASTLY)
1 35.241.9.51 15169 (GOOGLE)
1 185.89.210.244 29990 (ASN-APPNEX)
1 104.19.150.54 13335 (CLOUDFLAR...)
9 34.107.254.252 396982 (GOOGLE-CL...)
2 2 142.250.185.130 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
4 2a04:4e42:600... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 52.222.214.22 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
1 18.66.112.48 16509 (AMAZON-02)
1 143.204.215.54 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.227 15169 (GOOGLE)
3 2a04:4e42:200... 54113 (FASTLY)
2 195.201.159.24 24940 (HETZNER-AS)
1 63.34.81.234 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.206.111.64 14618 (AMAZON-AES)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
118 43
2    34.111.67.160 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.67.111.34.bc.googleusercontent.com
canada.com
2    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
o.canada.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.32.113.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-113-217.fra60.r.cloudfront.net
c.amazon-adsystem.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.225.78.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-96.fra2.r.cloudfront.net
cdn.adsafeprotected.com
1    2606:4700:e4::ac40:ae26 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    18.66.112.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-45.fra56.r.cloudfront.net
ak.sail-horizon.com
17    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
4    2606:4700::6812:5eb (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
config.lrcontent.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
1    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
5    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
5    2600:9000:223c:6600:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
8    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    108.138.7.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-113.fra56.r.cloudfront.net
sb.scorecardresearch.com
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
1    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
2    142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
3    2600:1f18:44f0:4847:3717:5549:a9cb:125f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
4    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.222.214.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-22.fra56.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
1    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.215.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-54.fra53.r.cloudfront.net
signal-beacon.s-onetag.com
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.250.184.227 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.de
3    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
2    195.201.159.24 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy02.cl03.het.mrf.io
events.newsroom.bi
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    44.206.111.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-111-64.compute-1.amazonaws.com
i.viafoura.co
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
22 postmedia.digital
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 120034
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 96216
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 76521
288 KB
10 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2820
api.permutive.com — Cisco Umbrella Rank: 2082
googlesync.permutive.com — Cisco Umbrella Rank: 9171
38 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6081
identity.mparticle.com — Cisco Umbrella Rank: 2859
jssdks.mparticle.com — Cisco Umbrella Rank: 5071
60 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
499 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55
region1.google-analytics.com — Cisco Umbrella Rank: 1869
21 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
stats.g.doubleclick.net — Cisco Umbrella Rank: 115
155 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11619
209 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11838
i.viafoura.co — Cisco Umbrella Rank: 11679
4 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 123518
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 56838
config.lrcontent.com — Cisco Umbrella Rank: 20452
96 KB
4 canada.com
canada.com — Cisco Umbrella Rank: 484465
o.canada.com
73 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2577
www.google.com — Cisco Umbrella Rank: 3
676 B
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4313
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5705
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6179
20 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 380
64 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
254 B
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8339
848 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5576
515 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2980
p1.parsely.com — Cisco Umbrella Rank: 2186
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
157 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10396
45 KB
2 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3261
ads.rubiconproject.com — Cisco Umbrella Rank: 2190
252 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 369
2 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 265
571 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 164179
390 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1399
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 132693
130 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3352
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7654
3 KB
1 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 4050
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
118 32
Domain Requested by
13 dcs-static.gprod.postmedia.digital o.canada.com
dcs-static.gprod.postmedia.digital
8 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
8 www.googletagmanager.com fem.gprod.postmedia.digital
www.googletagmanager.com
jssdkcdns.mparticle.com
www.google-analytics.com
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 smartcdn.gprod.postmedia.digital o.canada.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
o.canada.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
o.canada.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 fem.gprod.postmedia.digital o.canada.com
fem.gprod.postmedia.digital
3 region1.google-analytics.com www.googletagmanager.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 api.viafoura.co cdn.viafoura.net
3 fonts.gstatic.com fonts.googleapis.com
3 c.amazon-adsystem.com o.canada.com
c.amazon-adsystem.com
2 www.facebook.com o.canada.com
2 config.lrcontent.com auth.lrcontent.com
2 events.newsroom.bi sdk.mrf.io
2 www.google.de o.canada.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net o.canada.com
connect.facebook.net
2 sdk.mrf.io o.canada.com
sdk.mrf.io
2 cm.g.doubleclick.net 2 redirects
2 auth.lrcontent.com o.canada.com
cdn.viafoura.net
2 securepubads.g.doubleclick.net o.canada.com
securepubads.g.doubleclick.net
2 o.canada.com dcs-static.gprod.postmedia.digital
2 canada.com 2 redirects
1 cdn.jsdelivr.net micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 i.viafoura.co cdn.viafoura.net
1 www.google.com o.canada.com
1 p1.parsely.com o.canada.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 googlesync.permutive.com o.canada.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 secure.cdn.fastclick.net o.canada.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com o.canada.com
1 www.npttech.com o.canada.com
1 cdn.adsafeprotected.com o.canada.com
1 micro.rubiconproject.com o.canada.com
1 fonts.googleapis.com o.canada.com
118 49
Subject Issuer Validity Valid
canada.com
GTS CA 1D4		 2023-06-13 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-07-07 -
2023-10-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-07-09 -
2023-10-07		 3 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
viafoura.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-06		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
*.prmutv.co
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-14 -
2023-08-12		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-09-15 -
2023-10-17		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-07-13 -
2023-10-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Frame ID: D7F259A82D10B2D5ABA3E3975AF1E7CF
Requests: 109 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v85.0/xd.html
Frame ID: D550BD78501AEFD1C6A849AE4E90D2A0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E7E9AB07415F425D8D544F7EEEEC8A2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canada.ComCanada.comUser

Page URL History Show full URLs

  1. http://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982 HTTP 301
    https://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982 HTTP 301
    https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

118
Requests

97 %
HTTPS

43 %
IPv6

32
Domains

49
Subdomains

43
IPs

5
Countries

2269 kB
Transfer

8839 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982 HTTP 301
    https://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982 HTTP 301
    https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPZ4wyUYwqCz3bFDzOO4aGo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec&google_cver=1
Request Chain 114
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request story.html
o.canada.com/montrealgazette/news/
Redirect Chain
  • http://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
  • https://canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
  • https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
306 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
1244a271ebb3bcfbfd2f6319f140bad4a1ea9b04146cf1e6d7ab72568feeb50b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Fri, 04 Aug 2023 23:21:45 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
96
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-sk5vd

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 04 Aug 2023 23:21:45 GMT
location
https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 23:21:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Aug 2023 23:21:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
619e59cae2a011dfa94038abc4aaaac8d8b7a7d36e38f67160817b5bdf9a0cf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27796
x-xss-protection
0
server
cafe
etag
991 / 19573 / m202308010101 / config-hash: 16920917814545374618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 23:21:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.113.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-113-217.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 22:26:19 GMT
content-encoding
gzip
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront), 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA60-P1
age
3328
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
mLkAmG53PoRAWCChsJFPN5G7L64vvysm9oMAH-pv3Vweeu4Q0cxikg==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ec7f3dbe17a2c7ebba9797f9b880300c0f8e79e741fadcec040de272e5b608c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:49 GMT
content-encoding
gzip
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
251606
expires
Sat, 05 Aug 2023 15:34:43 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 21:04:52 GMT
Via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
181015
ETag
"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
F23cjl7lLRWMhq6zCl1S_p_buvaPPIhj-sskH4pqfudN48wSx2aMMA==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ae26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HM9Z5WS7PJHY3FQH
age
5896
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Y2YkUPR6dPCnA6B3ktAsvqQZVxmS5sxXdkBmb3/yy6MWYaOkSjmfvgAhxD2vZRQk18E1IvoazuE=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQi9FKzLt%2FJCwCGgUPlgDNipOc2JoiYqYi5qHW66DvsOVBCDIYamF6%2BDgvMEUwMEZd10dA6%2FBQ7HwEFDjb1tDl1bi8QtkHhAGqBwgUWqM%2FeeLOlKRGpt4ExnoJ2dOMLBi1ryoV3SEccQewbxHlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7f1a89df6d735b80-FRA
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:20:06 GMT
content-encoding
gzip
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 16:11:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
101
x-amz-server-side-encryption
AES256
etag
W/"6f6b3838a24066fc24338c58c675bb27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
-dDOAAhzzN_Zs7KvFPmeTLtWUA51FRBu6nY4V4RwYZWpbdUOtrVxgQ==
fem.js
fem.gprod.postmedia.digital/v85.0/ 		345 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/fem.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b1d0361a0461ce106032877d434b6829fafbb3a8a4b8e4c332aeb06789f5fd4

Request headers

Referer
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 12:18:35 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
212591
x-guploader-uploadid
ADPycdvjUvGy7_SfOm_c_ypLorQ8cXwIdB9T9eeMXw02UMBJHWYpuaBvsdhg1gWDVqxwW6xrWpvxPDf0SLZYEkiVTjSQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100025
last-modified
Mon, 24 Jul 2023 19:24:36 GMT
server
UploadServer
etag
W/"93a7038cfe72b3885574ff7c81b81203"
vary
Accept-Encoding
x-goog-generation
1690226676604634
x-goog-hash
crc32c=/Ot50w==, md5=k6cDjP5ys4hVdP98gbgSAw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
352779
accept-ranges
none
content-type
application/javascript
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		201 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a3630df92e474e23cf4212e60eadd8cfc79863dafe578c02b5807ffbecb3fa
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
6550
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1282139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Wed, 19 Jul 2023 05:17:23 GMT
server
cloudflare
etag
W/"0221ca3f6ee29fcc55e5b21144c2673d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7f1a89df7a1a39c2-FRA
x-amz-cf-id
JZIgJrmkEazFnVIRDykm7Vgan8wWdzTWGzKnsMfUo9PZdBCRhbWxFw==
expires
Sat, 05 Aug 2023 03:21:46 GMT
shared.99347ddcb2d5.js
dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
94f760c2f70eba9b94316e717bc2f103c401365a79dff456d584d8a287a9a695

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009567
age
108270
x-guploader-uploadid
ADPycdu5vhBcg8SjTF19y2hZaNlrV4ffzdOfVQApaPvaDPEU9RoG8La46QX90MG1XmxMDZOsBnc5SoEL97SAFrLA3k5JeO3qD42d
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7558
last-modified
Thu, 03 Aug 2023 17:09:01 GMT
server
UploadServer
etag
W/"0847633dd4bb94fe0811b465492da0f4"
vary
Accept-Encoding
x-goog-generation
1691082541990188
x-goog-hash
crc32c=S28U/w==, md5=CEdjPdS7lP4IEbRlSS2g9A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20803
accept-ranges
none
content-type
application/javascript
main.7ead3690e12f.js
dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/main.7ead3690e12f.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7ead3690e12f75b5339e5c7387e715182416d8f2fd427d165224d5ed33e60d1c

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:17:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009567
age
108270
x-guploader-uploadid
ADPycdvf0I3TpceV3c3w_ElefnwJi8BTxw9VIUAMMIfpdilhVGBQjpjcHkvCphuJghqUumk6HjlJ31k29N8lBqo3i2SKb22w5jdY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31996
last-modified
Thu, 03 Aug 2023 17:09:01 GMT
server
UploadServer
etag
W/"d8bffe986f01273c14e5af050d9636ae"
vary
Accept-Encoding
x-goog-generation
1691082541815586
x-goog-hash
crc32c=IOYGmg==, md5=2L/+mG8BJzwU5a8FDZY2rg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
94393
accept-ranges
none
content-type
application/javascript
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/postmedia-image-fallback.webp
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:21:25 GMT
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108021
x-guploader-uploadid
ADPycduF7qlpRpRY2q4sV04S2QcZfYlzbyujfDbqU6EX2ZHHNDVTq7bEIBs2j1aI1gtF7EiKx0Z691bqxwSqDs2T5s_c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1691082566552189
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		775 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
x-goog-meta-goog-reserved-file-mtime
1691009569
age
108335
x-guploader-uploadid
ADPycdtHmfxU8Nn1-82zpbXxukyt3kx4VHwnS1FcIu8rGzpyQBC4kByDwn4NKSkMpyFq2c32s8EyxPQEC2zv-2OHYz14
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1691082566772698
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-tw.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009570
age
108335
x-guploader-uploadid
ADPycdvc5sH_yM22fVYFD92C9rNW2VBuSDVPVg4AjW2ZgTQm-SXMVpYpZnj3dG4lkUtqfEoE7-Ylq5D2HvsXrQSM2Df7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
806
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
W/"df82c342c1176b84253c53e6e10eed05"
vary
Accept-Encoding
x-goog-generation
1691082566889579
x-goog-hash
crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1698
accept-ranges
none
icon-soc-yt.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		744 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-yt.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:21:25 GMT
x-goog-meta-goog-reserved-file-mtime
1691009570
age
108021
x-guploader-uploadid
ADPycdsSYyR_Rsi9V5NEdKLhECZnP9M3n9zrGj4y2XQl-PpDOhX6BPdxqukKOHEidPO4VlMA--eBMywGSPu_AKHtQ_7B
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
744
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
"c7b3b346ada043e6e241bca3e7f698d0"
x-goog-generation
1691082566935302
x-goog-hash
crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
744
accept-ranges
bytes
icon-soc-ig.svg
dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/ 		2 KB
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/images/share-icons/icon-soc-ig.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:21:25 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009570
age
108021
x-guploader-uploadid
ADPycdvFKMhxwiv_eQ_8Yf2F-FTZ1U5Fg1PhB_Sd1tl_H_qBf24v4WZpuZHDK9pV36g-WZz3xV3VRBnBn-kO26OZQf6y
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
last-modified
Thu, 03 Aug 2023 17:09:26 GMT
server
UploadServer
etag
W/"cf38c08bd0b7e49f4550f048b7c4e2cf"
vary
Accept-Encoding
x-goog-generation
1691082566822566
x-goog-hash
crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1898
accept-ranges
none
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 05:38:50 GMT
x-content-type-options
nosniff
age
63776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 05:38:50 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 13:37:19 GMT
x-content-type-options
nosniff
age
553467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 13:37:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 04:06:52 GMT
x-content-type-options
nosniff
age
69294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 04:06:52 GMT
xd.html
fem.gprod.postmedia.digital/v85.0/ Frame D550 		165 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cd44a6cdf121c34f8e2d09644a8d1739be0d214e2dbaf1d849616645dc343364

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
276085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Tue, 01 Aug 2023 18:40:21 GMT
etag
"ad8bbb986916331571ab56057787924b"
last-modified
Mon, 24 Jul 2023 19:24:37 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1690226677395131
x-goog-hash
crc32c=Wd6RrA== md5=rYu7mGkWMxVxq1YFd4eSSw==
x-goog-meta-goog-reserved-file-mtime
1690226631
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycduF8xLhibstrvdFJMN69kwj6TVCdjtK-Fl99PrZslspYQS9atyzTXfRlBx0s6WN3goKT5ruXHV-VMtMG_j2zB_YI59BmFT_
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		455 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9352fdb65cdcf9fcb8fadb6c01ee93a188c018c5b0f1f1526a96a425719055e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycdvlUThECUkNNU9nyfWO_PY2jJ00z4henvxsZrFlEHOIvayTtM1H7kXTsUCuzkWR05nS0qT0FVSDlCo36qc9pS62qWFSjD6Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Mon, 31 Jul 2023 21:40:17 GMT
server
cloudflare
etag
W/"0866901849a11548edf895125c73bfea"
vary
Accept-Encoding
x-goog-generation
1690839617661798
content-type
application/javascript
x-goog-hash
crc32c=sL3vlQ==, md5=CGaQGEmhFUjt+JUSXHO/6g==
cache-control
public, max-age=900
x-goog-stored-content-length
135787
timing-allow-origin
*
cf-ray
7f1a89e238a6040c-FRA
expires
Fri, 04 Aug 2023 23:36:46 GMT
b8b0ef9d6ea4dd18cee3.js
fem.gprod.postmedia.digital/v85.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/chunks/b8b0ef9d6ea4dd18cee3.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
44c46b2edb60329726390cf58b9135fb4b64d836dbeaf4e139f52b5d9df73981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:40:22 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
276084
x-guploader-uploadid
ADPycdu1NjpB8ttBhjJ5s8NBTmnfyW0TpoDhcRo0MuuVIwCp1CdVUJjcV7JV517GqgXIiGxbvvj3vzhOQhlIVBlAtvXydgVGyZ65
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
last-modified
Mon, 24 Jul 2023 19:24:36 GMT
server
UploadServer
etag
W/"e7822f987ca517aa3b2a889aa12ea62d"
vary
Accept-Encoding
x-goog-generation
1690226676217651
x-goog-hash
crc32c=3ae0Dg==, md5=54IvmHylF6o7KoiaoS6mLQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ 		398 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 20:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
11613
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129167
x-xss-protection
0
server
cafe
etag
5057873641579568274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 03 Aug 2024 20:08:13 GMT
d29574067a0bb7d8c8bd3.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/d29574067a0bb7d8c8bd3.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
69193c467efacbd943f4138e5b2b93dd1ded275d6e8233fd28b2a0f74765365b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108335
x-guploader-uploadid
ADPycdvt2Qdaeu1MvJRfrdq4aM2gwblfS_xsuDwnhVIXGcDYb--0r5qZ3BcOOsWHzYVxjH0tzjAOlPd692i9C9MwMfak
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3627
last-modified
Thu, 03 Aug 2023 17:09:30 GMT
server
UploadServer
etag
W/"233d9c59e0bd2b47b18fd5358ef0160f"
vary
Accept-Encoding
x-goog-generation
1691082570353861
x-goog-hash
crc32c=jLECtw==, md5=Iz2cWeC9K0exj9U1jvAWDw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
11403
accept-ranges
none
8ae633f3387ab3d9f89616.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/8ae633f3387ab3d9f89616.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108335
x-guploader-uploadid
ADPycdsXTOklLltMLENzUD85Qkav-kHJc4-A_3CHcJwEA4MBTKP1yjMhXfel013wKuUiDaJH17dWJRFcxwfIUW5G63WW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4431
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"8c886839348e84eeb16a0f142757b307"
vary
Accept-Encoding
x-goog-generation
1691082569718296
x-goog-hash
crc32c=Jbp6BQ==, md5=jIhoOTSOhO6xag8UJ1ezBw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
13988
accept-ranges
none
xd.js
fem.gprod.postmedia.digital/v85.0/ Frame D550 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v85.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/xd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8f92f2d1f186e48942e3d37b11524101fa721da66074b44bc4ff69f8148fcb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v85.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:40:21 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1690226631
age
276085
x-guploader-uploadid
ADPycdu60rrkQsiFbvJjsgzMN8ht41MXwMiwd7-xv_4O5MDKSP1njpGQ_rTEYzBuYu2pVRF49grWmuMWtTjbZU5LEtedCN_LNsDT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17104
last-modified
Mon, 24 Jul 2023 19:24:37 GMT
server
UploadServer
etag
W/"2dad80baf6eea16d84e34db3a1a98253"
vary
Accept-Encoding
x-goog-generation
1690226677447294
x-goog-hash
crc32c=8oYf8w==, md5=La2AuvbuoW2E402zoamCUw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51869
accept-ranges
none
db937de5f271191df6744.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/db937de5f271191df6744.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108335
x-guploader-uploadid
ADPycdsIZ9UK8KN31RC9rroslIN91IAGBlEThZZjsx4ayqaDInr--q0MqsvwF1n82YcaheGWR7C1Umu9hHWbJk8iTOae
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4394
last-modified
Thu, 03 Aug 2023 17:09:30 GMT
server
UploadServer
etag
W/"3bfbd59f97296aaf58442bbdf53f71d3"
vary
Accept-Encoding
x-goog-generation
1691082570390578
x-goog-hash
crc32c=TWNiDw==, md5=O/vVn5cpaq9YRCu99T9x0w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
4e8720b61d861864435e36.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		224 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/4e8720b61d861864435e36.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108335
x-guploader-uploadid
ADPycdt-a7QDYEBNdhBB20w0YhSrwMlZi-D49Npja-v5xCQm5Y34ZXLkxbDjUOwUZB3RwgR4Rv2VB8uTrXuqbuCruuvt
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
"087008fa497bb67bcdf1a4c150537516"
x-goog-generation
1691082569169464
x-goog-hash
crc32c=UBw1Fg==, md5=CHAI+kl7tnvN8aTBUFN1Fg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108335
x-guploader-uploadid
ADPycdvmVAG8JADrtAdaZCjIQIuGiXEisJRtCvSY5FzYm4mDMXvVG8P_nZLouaVis89mJOOZ3i4rxOWxbsqF3jYT-CqK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2826
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1691082569552506
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
a3ec7ed2dfcc00ca264c23.js
dcs-static.gprod.postmedia.digital/14.1.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/a3ec7ed2dfcc00ca264c23.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/CACHE/js/shared.99347ddcb2d5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 17:16:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1691009568
age
108335
x-guploader-uploadid
ADPycdsmhX2eP4q9XzjU9TjOoYkIWIKLWfJaGKaUYGrfGzsm6kHT1fT3aEvjbg1pjIau09I5ZyS1yh8xA79-tgSCjNj9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2088
last-modified
Thu, 03 Aug 2023 17:09:29 GMT
server
UploadServer
etag
W/"a382b48ee1cf980223c8003d301c2f39"
vary
Accept-Encoding
x-goog-generation
1691082569957479
x-goog-hash
crc32c=TYe94Q==, md5=o4K0juHPmAIjyAA9MBwvOQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Fri, 04 Aug 2023 23:21:46 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 04 Aug 2023 23:21:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
/
o.canada.com/api-root/lists/ed9e2185-049b-49c6-be31-fde64881e0b9/expanded/ 		160 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o.canada.com/api-root/lists/ed9e2185-049b-49c6-be31-fde64881e0b9/expanded/?format=html&name=&from=0&type=category&load_origin_urls=false&is_sponsored=false&slugs_accepted=&slugs_excluded=&replace_video=false&template_name=feed-card-list
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/14.1.1/websites/js/d29574067a0bb7d8c8bd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
bd015e8c2bcbe372fe047c9919179fb57b698211375f93fe2218cd2b9e26b5fa
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Friday, 04-Aug-2023 23:21:46 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-58cfb9ff56-qwd6x
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, X_API_KEY, Origin
content-type
text/html; charset=utf-8
allow
GET
cache-control
max-age=300,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Fri, 04 Aug 2023 23:24:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		353 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.113.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-113-217.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 20:41:15 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
age
9630
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
353
x-amz-cf-id
Ds_2iURCKOaFc0UGg4jy1lLXmOM1mJEK-f9cmKefbAxQ-Jh-TTGsxQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.113.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-113-217.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
date
Fri, 04 Aug 2023 19:28:08 GMT
x-amz-cf-pop
FRA60-P1
age
14019
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
I7DaenL_MAdEywR36aMspJmc5vvE79_jm6RJKk1Uip4aT3AkCRZL1A==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 04 Aug 2023 23:36:46 GMT
feature-this-photo.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/07/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/07/feature-this-photo.jpg?quality=90&strip=all&w=344&type=webp&sig=qEorkunOQX6m5mguY0eE-w
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
93cae8a3cd59dc3351993041f5bf542ca737707d5ee460fc8abfcde9d7ceb374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 04 Aug 2023 23:21:47 GMT
via
1.1 google
server
nginx/1.18.0
etag
"be44bd6d52304cb462729515897aae6903e21279"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-xhzhp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40456
great-room-2-1.jpg
smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/07/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/calgaryherald/wp-content/uploads/2023/07/great-room-2-1.jpg?quality=90&strip=all&w=344&type=webp&sig=lJo0-_VyDSJ5wbHq3c_kMg
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
96edb6103d70d7df38cdb5d6cd13a1e15adfeb1c454a17aba63f64a7bfc97a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
calgaryherald
date
Fri, 04 Aug 2023 23:21:46 GMT
via
1.1 google
server
nginx/1.18.0
etag
"d78f20c7adc0a2fff8adf77bb377eab767b50b4b"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-qzbjt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24956
0806-col-makeover-5.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/07/0806-col-makeover-5.jpg?quality=90&strip=all&w=344&type=webp&sig=5l4apO7nDAyXg4k9Gc6Fcg
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
813b4bdd11a12654b76e49b5bd3c9d9579949685ea23638ce46535691b7449bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 04 Aug 2023 18:06:50 GMT
via
1.1 google
server
nginx/1.18.0
age
18896
etag
"79b0f93755c254a80225c7f4195797da34906e60"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-vkqgm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10088
0805-pride-makeup.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/07/0805-pride-makeup.jpg?quality=90&strip=all&w=344&type=webp&sig=bt-rdmzns9gS-OIBVfkc1A
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cf5ed03e160a6ee20857e8a3a90c32ede063c9a2b94e196c0329d8463a941c96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 04 Aug 2023 23:21:46 GMT
via
1.1 google
server
nginx/1.18.0
etag
"e57be013ead984e67bee119794cdfbd692f9e624"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-z8sw9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
GettyImages-1204162001.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2021/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2021/01/GettyImages-1204162001.jpg?quality=90&strip=all&w=344&type=webp&sig=N6sxqcDP1NMy8qCjEHV7Ng
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
d972c0adebae27766d3409609d6d9262ebf20e928e9ad17b7ed9b468c4cfe607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 04 Aug 2023 23:21:46 GMT
via
1.1 google
server
nginx/1.18.0
etag
"2751ab617a43d34f119d955c9a048fbda1d336eb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5f7df9686c-lnjwh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17124
vf-v2.js
cdn.viafoura.net/ 		835 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8521fd07bf36348650841fdfe4707974047fe057fa866bdc6104f498e9d675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
YfhDyNazKsc0cD7eYCa6DSKEEJqL_T.z
content-encoding
br
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
date
Fri, 04 Aug 2023 23:20:24 GMT
x-amz-cf-pop
FRA56-P2
age
86
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:55 GMT
server
AmazonS3
etag
W/"95c9d1a8edc688cc1a369bbc135d2405"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
_xIOeGkSePn9PnUMat_gv6adzIaXxjPV6yq66-A0YEaDa1xb_PBE9Q==
gtm.js
www.googletagmanager.com/ 		141 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56b73d0d4d332764f1c4b5e9badf8714b13e2b95467e1749d0c97670be2d4167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47051
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 23:21:46 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-113.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 22:24:05 GMT
content-encoding
gzip
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
3462
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
hCt0EteEzexVeFkn_zMH2AuupOigdgHrQhiFKv1wbd7q7LK9Kp_zIQ==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
366fda7b18f5661ade7d832284831954e1e4971d37b1cd0efb2a5150e50afc1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230055-FRA
date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
94
x-timer
S1691191307.839620,VS0,VE1
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
59947
x-cache-hits
3, 1
gtm.js
www.googletagmanager.com/ 		146 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v85.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ed7e2c9599ac9cf4b72503ca7c69f99403c29c8af594c8b183f6a2703acb684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48197
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 23:21:46 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3f29ddf9a1bbd01870d040dd4c825fc2c07e9c2968264fc5657f8eb14bd6a545

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:46 GMT
an-x-request-uuid
1d7812a1-f91e-4323-a471-8a2a39bd6b6b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.116; 146.70.117.116; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		53 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53431b300b330538252f30bcecaaf723e97eeedf6297785a1993f08782333ba7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycduSLwiinuOd93OsNs5BfaOsw9ZJugWXc9KPvPhsxE7bXeG1tI-bNW5Xxoq-YxITM00OBy64IxIa00g8Pwmb877-Lw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
36895
last-modified
Mon, 31 Jul 2023 21:40:19 GMT
server
cloudflare
etag
"0e3982129a0c4ae0216d26fae21ed197"
vary
Accept-Encoding
x-goog-generation
1690839619929581
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=dTmXQA==, md5=DjmCEpoMSuAhbSb64h7Rlw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
36895
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f1a89e30bf54d7c-FRA
expires
Fri, 04 Aug 2023 23:21:46 GMT
geoip
api.permutive.com/v2.0/ 		254 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
watson
api.permutive.com/v2.0/ 		198 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
77ff9478acdbc751e0d850d1ff3430cf2120620c12080d56b9527e778e505308

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
292e6377-d7d4-4ab6-8163-cd79669a96c0
https://o.canada.com/ 		176 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/292e6377-d7d4-4ab6-8163-cd79669a96c0
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288f88a7f61f065216ddca43615be8d89fd7c9369a3b7a5c577ceededd4708a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
180295
Content-Type
e890a173-d354-4bbb-9302-06840428ebbc
https://o.canada.com/ 		176 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/e890a173-d354-4bbb-9302-06840428ebbc
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
288f88a7f61f065216ddca43615be8d89fd7c9369a3b7a5c577ceededd4708a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
180295
Content-Type
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
be69e902023a333b484c495e328022ffcb8e59e49769d7acf32d789960c24e6c

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
segment
api.permutive.com/adv/v2/ 		44 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 04 Aug 2023 23:21:46 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPZ4wyUYwqCz3bFDzOO4aGo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPZ4wyUYwqCz3bFDzOO4aGo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec&google_cver=1
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:48 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPZ4wyUYwqCz3bFDzOO4aGo&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=638aa7c9-9742-450a-95d3-4188945b23ec&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:3717:5549:a9cb:125f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
798f81c8d185af08a58e1f9d3c774169ac6237d0f2a0542e93d1da679519b6ab

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-08fbeca79dbb09d53
pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 04 Aug 2023 23:21:47 GMT
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:3717:5549:a9cb:125f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://o.canada.com
access-control-max-age
1728000
cache-control
max-age=0
date
Fri, 04 Aug 2023 23:21:47 GMT
expires
Fri, 04 Aug 2023 23:21:47 GMT
server
nginx/1.18.0 (Ubuntu)
gtm.js
www.googletagmanager.com/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f902a456ee693e3a09692cff6f131c6de52a7971f5606de0c3b55b60d053426d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42321
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 23:21:46 GMT
gtm.js
www.googletagmanager.com/ 		293 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d038f489ce2af63014b26497368ae0eaf81130ebeb3b3a9d07760f192db0fcee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89524
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 23:21:46 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2284
date
Fri, 04 Aug 2023 23:21:46 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
322
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230069-FRA
x-timer
S1691191307.973009,VS0,VE0
gtm.js
www.googletagmanager.com/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87d446a011362f4f1a2c4b867de29c9af2d432bf66d81edf0a3eb49c91a50582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46612
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 23:21:46 GMT
identify
identity.mparticle.com/v1/ 		175 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b25f501e9a60c7d24df50f70aec0339526431494ae201aa0570152d3cf189c84
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230069-FRA
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1691191307.979942,VS0,VE109
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Aug 2023 21:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5522
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 04 Aug 2023 23:49:45 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc8beebbfab8462184c8c864e5474cd84672b6d46dcb3c4131d609821883c6f

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
1ms
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 04 Aug 2023 22:40:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
5
accept-ranges
bytes
cf-ray
7f1a89e51bf83653-FRA
alt-svc
h3=":443"; ma=86400
content-length
35214
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 04 Aug 2023 23:21:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47151
x-xss-protection
0
pragma
public
x-fb-debug
ZzT3G0ppP0L0xsJ3nLQqLir1RnS10aLh19pAZz9etdyODQDcvIUeomnRPUeEAIKWujyLBVm4NO8HpSGFimhNTA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a76292a2e3564ef61e7a900f9c998e83d78fb5f91547e704ab9168b5dca6c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
LhWu_AMlaCmeK.6Ee04qRop66YKc4nhd
content-encoding
gzip
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
date
Fri, 04 Aug 2023 02:38:53 GMT
last-modified
Thu, 20 Jul 2023 12:08:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
74579
x-amz-server-side-encryption
AES256
etag
W/"4b00b328a85d4cd9f81165354453f1e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
vWaIPWP66Vpi85LWRIb_EEiR-QtE5pVJ4qQLwjZm3b2o-U99zjOwPg==
js
www.googletagmanager.com/gtag/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fbee4c7d6fc9455d4d022b2953e573094a0aeeb1e35b029eb60e77866b52ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87010
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 04 Aug 2023 23:21:47 GMT
p.js
cdn.parsely.com/keys/o.canada.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
public
date
Fri, 04 Aug 2023 05:05:21 GMT
content-encoding
gzip
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
65786
etag
W/"639a3c4f-12687"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
nYiEgqERwGYcQK4vfP5KU9gZb8mfT0XVLEYwmGCVSXocmyOcgo8R8g==
expires
Sat, 05 Aug 2023 05:05:21 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1691191307015&ns_c=UTF-8&c8=Canada.Com&c7=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&c9=
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-113.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
X8l5FUMj6PYiWGTMff2vcKAKiS1FplpXs_jdqd118K_bnXvxBlBDNw==
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/ 		182 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
747df025706356c0c99b2b1082f8f27ee2c82e4cdf81091e8e65458feb6184e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69544
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 23:21:47 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 13:06:21 GMT
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront), 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
36926
x-amzn-requestid
fb247435-84f9-4f6f-846a-bbb3ab54409b
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
JIuoKE2EiYcFVDw=
content-length
555
x-amz-cf-id
j64D-7EkncG-yv2mU0yLdmgpc2o79FsD3Hrtu0LEd1MBVUYNXKKocA==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-54.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
date
Fri, 04 Aug 2023 20:05:41 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
11767
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
x3OewQetleewgoOGXu5vKcYtMgGujYzDcKRxMmiT5GQldP81l1wFzg==
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je3820&_p=1896143007&_gaz=1&cid=1234557524.1691191307&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&dr=&sid=1691191307&sct=1&seg=0&dt=Canada.Com&en=error&_fv=1&_nsi=1&_ss=1&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.query_string=id%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.1.1&ep.fem_version=v85.0&ep.brand=canada.com&ep.timestamp=2023-08-04T23%3A21%3A47.005%2B00%3A00&ep.error_type=404%20Error
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CBS6P3K53Q&cid=1234557524.1691191307&gtm=45je3820&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CBS6P3K53Q&cid=1234557524.1691191307&gtm=45je3820&aip=1&z=1475711710
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Fri, 04 Aug 2023 23:21:47 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1691191307.203808,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXX&gtm=45je3820&_p=1896143007&cid=1234557524.1691191307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691191307&sct=1&seg=0&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&dt=Canada.Com&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2285
date
Fri, 04 Aug 2023 23:21:47 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
323
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230069-FRA
x-timer
S1691191307.176394,VS0,VE0
identify
identity.mparticle.com/v1/ 		175 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
33fa3f1008fdd8ffc65e933d299bd13bbd5ffcf0fb494954703e6dc8a6cd86ed
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230069-FRA
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1691191307.183371,VS0,VE111
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Fri, 04 Aug 2023 23:21:47 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1691191307.203854,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
be69e902023a333b484c495e328022ffcb8e59e49769d7acf32d789960c24e6c

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
ingest.php
events.newsroom.bi/ 		50 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.159.24 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
5c169ba25b6215d80072.js
sdk.mrf.io/statics/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/5c169ba25b6215d80072.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06cee8a130277b3634273c3866e17bb64d5fc5163e5419d5b6c7b42dfe7347d8

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
38
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 24 Jul 2023 11:00:31 GMT
server
cloudflare
etag
W/"f38e6161c92e3f5f2dd25be8f3ae8fdd"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7f1a89e5fd143653-FRA
x-amz-cf-id
kZAptd7qwxxhcKJVVU_S0I79BUrWpB_oXtrX2u-DIFDagKoh44pj7Q==
audiences
api.permutive.com/audience-matching/v1/id/638aa7c9-9742-450a-95d3-4188945b23ec/ 		12 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/638aa7c9-9742-450a-95d3-4188945b23ec/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 04 Aug 2023 23:21:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1896143007&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&ul=en-us&de=UTF-8&dt=Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1933950564&gjid=259994835&cid=1234557524.1691191307&tid=UA-213173459-10&_gid=525723735.1691191307&_r=1&_slc=1&gtm=45He3820n81P3Q4QHW&cd2=2023-08-04T23%3A21%3A47.008%2B00%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=14.1.1&cd26=v85.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd38=id%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&cd52=index&cd65=false&cd1=1234557524.1691191307&z=1073834824
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1896143007&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&ul=en-us&de=UTF-8&dt=Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1894207025&gjid=195081260&cid=1234557524.1691191307&tid=UA-138335866-21&_gid=525723735.1691191307&_r=1&_slc=1&gtm=45He3820n81P3Q4QHW&z=113143466
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
292942b7ea009b33947befcd41c1fc5d794deb1be3537385af9913c4eff98458
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1896143007&t=event&ni=1&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&ul=en-us&de=UTF-8&dt=Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=404%20Error&el=&_u=YCDACAABBAAAACAEK~&jid=&gjid=&cid=1234557524.1691191307&tid=UA-213173459-10&_gid=525723735.1691191307&gtm=45He3820n81P3Q4QHW&cd2=2023-08-04T23%3A21%3A47.056%2B00%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=14.1.1&cd26=v85.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=51&cd31=index&cd38=id%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&cd52=index&cd65=false&cd1=1234557524.1691191307&z=413690798
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 06:34:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
60426
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
156 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ee68a1b3b545938a9425ab4ac19e2624b88be6e74d63bb1c96c44633a8196b98

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1691191307.342901,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
events
api.permutive.com/v2.0/batch/ 		101 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
13fb8b7bd65e7828409a88c0ca2bdd670ca4156a143942260722b3ff086c95f1

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1691191307358&plid=def4964d-f9e5-48a9-abea-3f06c96f680c&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&sref=&sts=1691191307351&slts=0&title=Canada.Com&date=Fri+Aug+04+2023+23%3A21%3A47+GMT%2B0000+(GMT)&action=pageview&pvid=916a09ea-e1ee-462b-bf33-e35dea01aef6&u=pid%3Ddf10e60c-d7ba-4be3-a348-d9f4a5cf1e29
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 23:21:47 GMT
Cache-Control
no-cache
Last-Modified
Friday, 04-Aug-2023 23:21:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-10&cid=1234557524.1691191307&jid=1933950564&gjid=259994835&_gid=525723735.1691191307&_u=YCDACAAABAAAACAEK~&z=109568501
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 04 Aug 2023 23:21:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4PRPPJ1J9V&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de4adca1ce9da56283621c672089f8e544ab77d475ca8ae22e151de6552f0c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79787
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 04 Aug 2023 23:21:47 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4PRPPJ1J9V&gtm=45je3820&_p=1896143007&ul=en-us&sr=1600x1200&cid=1234557524.1691191307&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&dt=Canada.Com&sid=1691191307&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PRPPJ1J9V&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-10&cid=1234557524.1691191307&jid=1933950564&_u=YCDACAAABAAAACAEK~&z=1857586638
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-10&cid=1234557524.1691191307&jid=1933950564&_u=YCDACAAABAAAACAEK~&z=1857586638
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685973801652415
connect.facebook.net/signals/config/ 		386 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c57432f2159f3dfe09da54a771b3e4177286dba5981e91e1d65e99e9a5fbdbc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 04 Aug 2023 23:21:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
NbajDJm3DbmBOj+/pXAKTxhANclfx6jWdk3aApMrd/hr0LvY7eb/A7prt+a/twFG3TIMD4K8nvyYkRsG0cFINg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
thirdpartycookie
api.viafoura.co/v2/o.canada.com/ 		45 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4847:3717:5549:a9cb:125f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-instance-id
i-0d9826f455102e785
pragma
no-cache
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Fri, 04 Aug 2023 23:21:47 GMT
intl-messageformat.401c18c9757b51332b6a.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.401c18c9757b51332b6a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09517c4c41c1744e90cd9c856434b0301f7164f855e848882d0f3a6a6f896662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
pj022ogd_bV5mWCOr_soLtT.drBhXQE_
content-encoding
br
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
280001
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:23 GMT
server
AmazonS3
etag
W/"78ffac5f5ecfb6cdb701539b4effd77f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
uUqsGpdnhapE8aPR1pXiQNbocVRe3Zfsg-KVN2R5JFQbsL6owHq67A==
intl-messageformat.ae28c82cbab9f4f192db.js
cdn.viafoura.net/chunks/languages/ 		135 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.ae28c82cbab9f4f192db.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a68facae97d9ba4aad337e58159f1e5da5f2fe6331a513928d570edaac63e984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:08 GMT
x-amz-version-id
7OqFZnjeAklq03Qf8ylaM7aYqPiyoXdp
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
280000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Tue, 01 Aug 2023 17:34:29 GMT
server
AmazonS3
etag
"73d7f8bfdaa57b2f8bd9c91892a82603"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WuQGsZOO-UVsElDS25_yYTisGwCSHX22A-49BVE7PsM_zEz43hcxaQ==
en-us-base-json.0decd3d525f8cf6a6798.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.0decd3d525f8cf6a6798.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b6d5c61c96dbd20a707b4e6ab0eb1256ae3fded2f6b54b44477d399881cfef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
q2Xsj9hRUY.EcGDh.5QDmpB8V5vTAkMa
content-encoding
br
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
280000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:26 GMT
server
AmazonS3
etag
W/"6ba7265e0b8b22d5fa41b4f4c07be32a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
JczcMjyIaUl5AZXKqoMqMtGGoNl5MnIakcAJ3GBc4JQ1JqPS29y3Zw==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		201 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a3630df92e474e23cf4212e60eadd8cfc79863dafe578c02b5807ffbecb3fa
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:47 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
4303
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1282139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Wed, 19 Jul 2023 05:17:22 GMT
server
cloudflare
etag
W/"0221ca3f6ee29fcc55e5b21144c2673d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7f1a89e8aa7839c2-FRA
x-amz-cf-id
JKqTz5rWUtaUZouSXmHnFsF05FEKNwn-aVSzsK1nZDQDSAMLucMlLw==
expires
Sat, 05 Aug 2023 03:21:47 GMT
ingest
i.viafoura.co/v3/o.canada.com/ 		67 B
389 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/o.canada.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.111.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-111-64.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Fri, 04 Aug 2023 23:21:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.0afd399e705ef46a33ca.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.0afd399e705ef46a33ca.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:6600:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e34e26ff8e940c5a518051df2c481545a8850d8ee1547402fa773ef9563be515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:35:07 GMT
x-amz-version-id
iT1ur1L7gOydue0K.QJVyOluFqvVfNk4
content-encoding
br
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
age
280001
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 01 Aug 2023 17:34:37 GMT
server
AmazonS3
etag
W/"8bfa5eea773c1c874c9a24bc9b66879e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
BLJe7DhVJr2Mcd6kqOtnL_iebZ6ozt3965dtIlO8Z92wSNwUBGh28Q==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://o.canada.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f1a89ea9cca1907-FRA
date
Fri, 04 Aug 2023 23:21:47 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 23:21:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
max-age=86400
cf-ray
7f1a89eadcfd1907-FRA
state
api.permutive.com/v1.0/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 04 Aug 2023 23:21:47 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&rl=&if=false&ts=1691191307850&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691191307844.1740602831&cs_est=true&it=1691191307479&coo=false&exp=a1&rqm=GET
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 04 Aug 2023 23:21:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 23:21:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Fri, 04 Aug 2023 23:21:48 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
/
www.facebook.com/tr/ Frame E7E9 		0
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: o.canada.com
URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://o.canada.com
Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://o.canada.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 23:21:48 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		66 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f1a5c63946d1edf8229dfff90adea241717b84d120ae5ea823618d8afc43da6b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:49 GMT
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 22:40:46 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5888
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230804
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab66bf089f917f20c7208cd21aab4d5bf16388f3b89ac2c189e6f9a18b62670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 04 Aug 2023 23:21:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26455
x-jsd-version
1.0.1772
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"638-Y/oLZb8tph3VQYXeSlmkL8Gv3xA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVw%2B8rTXHxN7Y1KvEFaYnwtPESCKYWykZYRt9f9r%2BaxyDLrRMSk1omi4U86mGti0G4z9LRcv3XCr1v4Yp77xCYntNqorUmZ0mTuFkd%2BJK8de7DGPc59ExoyGuH7dpC%2BDOAWDbCHHgeikj47nqFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f1a89f3ab5918f9-FRA
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.159.24 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 04 Aug 2023 23:21:49 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-113.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 01:33:35 GMT
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
78496
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
D1sXADaRKIY_gcKldE3ZUlwEoEqpWUnuLnRChdxwKJnxn4ogrxNf_A==

Redirect headers

date
Fri, 04 Aug 2023 23:21:49 GMT
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
P6bk4GQW-icOuNngLhvEoC4cgPJdFz9-RgEhcAkWumYkcpafoEMs3A==
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je3820&_p=1896143007&cid=1234557524.1691191307&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&sid=1691191307&sct=1&seg=1&dt=Canada.Com&en=page_view&ep.debug_mode=false&ep.gtm_version=51&ep.gtm_container_id=GTM-P3Q4QHW&ep.query_string=id%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.1.1&ep.fem_version=v85.0&ep.brand=canada.com&ep.timestamp=2023-08-04T23%3A21%3A47.129%2B00%3A00&ep.ga_client_id=1997150734.1691191307&ep.main_category=index&ep.metered_content=false&_et=21&up.client_id=1997150734.1691191307
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXX&gtm=45je3820&_p=1896143007&cid=1234557524.1691191307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691191307&sct=1&seg=1&dl=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&dt=Canada.Com&en=page_view&ep.main_category=index&ep.metered_content=false&ep.ad_blocker_enabled=false&ep.browser=Chrome&ep.browser_language=en-US&ep.brand=canada.com&ep.device_type=desktop&ep.division=canadacanada&ep.domain=o.canada.com&ep.fem_version=v85.0&ep.page_url=https%3A%2F%2Fo.canada.com%2Fmontrealgazette%2Fnews%2Fstory.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=14.1.1&ep.user_status=anonymous&ep.view_type=HTML&_et=34&up.mpid=8066601715756484738
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXX&l=dl_mparticle&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 23:21:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| BlockAdBlock object| blockAdBlock object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| webpackChunkdjango_content_services object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _aps boolean| apstagLOADED object| apscustom object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer boolean| femCePnIdReadyTriggered object| COMSCORE object| _comscore object| __permutive object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| google_tag_manager object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| dataLayerPropertiesToFlush object| previousPartialEvents function| getPreviousPartialEvents object| gtm undefined| eventIndex undefined| prop object| PublisherCommonId object| __connect function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| gaplugins object| gaData function| _ga_originalSendHitTask number| pa function| _typeof object| pbjsChunk object| _pbjsGlobals

33 Cookies

Domain/Path Name / Value
o.canada.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1691191306376,"mac":-1250259118}
o.canada.com/ Name: __adblocker
Value: false
o.canada.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"u2h2rjdxoarwa2bw4ke1ik80jndrk4jit","updated":1691191306512},"exp":604800000,"ts":1691191306512,"mac":1904368671}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"u2h2rjdxoarwa2bw4ke1ik80jndrk4jit","updated":1691191306512},"exp":604800000,"ts":1691191306521,"mac":1904369601}
.canada.com/ Name: permutive-id
Value: 638aa7c9-9742-450a-95d3-4188945b23ec
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 94b89e03-ed51-47f3-b910-6e9804d3ba7a
.doubleclick.net/ Name: IDE
Value: AHWqTUmFVn1mUiZ39Cx-d-Cz8d3IEkZLGKHhUU9I8CBuW6UQXvn4bkTgopfLcjBg85k
.canada.com/ Name: _ga_CBS6P3K53Q
Value: GS1.1.1691191307.1.1.1691191307.60.0.0
.canada.com/ Name: _ga_XXXXX
Value: GS1.1.1691191307.1.1.1691191307.0.0.0
.canada.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1691191307%2C%22currentVisitStarted%22%3A1691191307%2C%22sessionId%22%3A%220da3d6af-1a98-46d5-8edd-cf095f5767b7%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//o.canada.com/montrealgazette/news/story.html%3Fid%3D144a2bd0-73e6-4432-bcaf-d113a93a41a4%26k%3D7982%22%2C%22referrer%22%3A%22%22%7D
.canada.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1691191307%2C%22userId%22%3A%226e8db12c-5040-408a-ab2f-9a0e2d5aed68%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1691191307%2C%22timesVisited%22%3A1%7D
.canada.com/ Name: compass_uid
Value: 6e8db12c-5040-408a-ab2f-9a0e2d5aed68
events.newsroom.bi/ Name: 1528_u
Value: 6e8db12c-5040-408a-ab2f-9a0e2d5aed68
events.newsroom.bi/ Name: 1528_s
Value: 0da3d6af-1a98-46d5-8edd-cf095f5767b7
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.canada.com/ Name: _ga
Value: GA1.2.1234557524.1691191307
.canada.com/ Name: _gid
Value: GA1.2.525723735.1691191307
.canada.com/ Name: _gat_UA-213173459-10
Value: 1
.canada.com/ Name: _gat_UA-138335866-21
Value: 1
.canada.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'3c7621d1-c7ca-4f90-4a11-dc9fc20a9422'|'das':'d1d17c24-f021-44d6-5c6d-dbd9eee036ad'|'csm':'WyI4MDY2NjAxNzE1NzU2NDg0NzM4Il0='|'sid':'F2DC60D8-FB53-4A6B-E3E5-A0EF0B400B4B'|'les':1691191307335|'ssd':1691191306940}|'l':1|'8066601715756484738':{'fst':1691191307116|'ui':'eyIwIjoidTJoMnJqZHhvYXJ3YTJidzRrZTFpazgwam5kcms0aml0In0='}|'cu':'8066601715756484738'}
.canada.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982%22%2C%22sref%22:%22%22%2C%22sts%22:1691191307351%2C%22slts%22:0}
.canada.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=df10e60c-d7ba-4be3-a348-d9f4a5cf1e29%22%2C%22session_count%22:1%2C%22last_session_ts%22:1691191307351}
.canada.com/ Name: _ga_4PRPPJ1J9V
Value: GS1.2.1691191307.1.0.1691191307.0.0.0
.viafoura.co/ Name: VfSess
Value: 0j3kuktsuaqunfap9ogf0u0qnp
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
o.canada.com/ Name: _vfz
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1691191308.1.medium=direct|source=|sharer_uuid=|terms=
.canada.com/ Name: _vfa
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.89d90a60-3012-4e3f-ae84-42d3185bd19d.1691191308.1691191308.1691191308.1
.canada.com/ Name: _vfb
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.2..1691191308....
.canada.com/ Name: _fbp
Value: fb.1.1691191307844.1740602831
.viafoura.co/ Name: vfDeviceId
Value: 10a6a1cc-48ef-4071-af08-30d87403dab4
o.canada.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.canada.com/ Name: pbjs_sharedId
Value: 99e6f9cd-f714-4d04-853a-2cd2132615b0

1 Console Messages

Source Level URL
Text
network error URL: https://o.canada.com/montrealgazette/news/story.html?id=144a2bd0-73e6-4432-bcaf-d113a93a41a4&k=7982
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
ads.rubiconproject.com
ak.sail-horizon.com
api.permutive.com
api.viafoura.co
auth.lrcontent.com
c.amazon-adsystem.com
canada.com
cdn.adsafeprotected.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
cm.g.doubleclick.net
config.lrcontent.com
connect.facebook.net
dcs-static.gprod.postmedia.digital
events.newsroom.bi
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
micro.rubiconproject.com
o.canada.com
onetag-geo.s-onetag.com
p1.parsely.com
postmedia.hub.loginradius.com
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
smartcdn.gprod.postmedia.digital
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.npttech.com
104.19.150.54
108.138.7.113
13.225.78.96
13.32.113.217
142.250.184.227
142.250.185.130
143.204.215.54
151.101.130.133
18.185.12.185
18.66.100.58
18.66.112.45
18.66.112.48
184.30.211.26
185.89.210.244
195.201.159.24
2001:4860:4802:34::36
23.56.202.187
2600:1f18:44f0:4847:3717:5549:a9cb:125f
2600:9000:223c:6600:8:2ae1:d740:93a1
2606:4700:3033::6815:325a
2606:4700::6810:5714
2606:4700::6812:1b98
2606:4700::6812:5eb
2606:4700:e4::ac40:ae26
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:600::645
34.107.254.252
34.111.249.109
34.111.67.160
34.117.54.29
34.149.157.221
35.241.9.51
44.206.111.64
52.222.214.22
63.34.81.234
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cee8a130277b3634273c3866e17bb64d5fc5163e5419d5b6c7b42dfe7347d8
07af69012c290d3655c6c0e638f4ac4e504d55363dff7eb7a1319615336c9fd1
09517c4c41c1744e90cd9c856434b0301f7164f855e848882d0f3a6a6f896662
0c57432f2159f3dfe09da54a771b3e4177286dba5981e91e1d65e99e9a5fbdbc
1244a271ebb3bcfbfd2f6319f140bad4a1ea9b04146cf1e6d7ab72568feeb50b
13fb8b7bd65e7828409a88c0ca2bdd670ca4156a143942260722b3ff086c95f1
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
24b6d5c61c96dbd20a707b4e6ab0eb1256ae3fded2f6b54b44477d399881cfef
288f88a7f61f065216ddca43615be8d89fd7c9369a3b7a5c577ceededd4708a1
292942b7ea009b33947befcd41c1fc5d794deb1be3537385af9913c4eff98458
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a76292a2e3564ef61e7a900f9c998e83d78fb5f91547e704ab9168b5dca6c48
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33fa3f1008fdd8ffc65e933d299bd13bbd5ffcf0fb494954703e6dc8a6cd86ed
366fda7b18f5661ade7d832284831954e1e4971d37b1cd0efb2a5150e50afc1d
3b1d0361a0461ce106032877d434b6829fafbb3a8a4b8e4c332aeb06789f5fd4
3f29ddf9a1bbd01870d040dd4c825fc2c07e9c2968264fc5657f8eb14bd6a545
406b6d79687c2601d33b029cf7867ab6cedc6c01ef13d669835b743f967d5d52
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44c46b2edb60329726390cf58b9135fb4b64d836dbeaf4e139f52b5d9df73981
4ed7e2c9599ac9cf4b72503ca7c69f99403c29c8af594c8b183f6a2703acb684
4fbee4c7d6fc9455d4d022b2953e573094a0aeeb1e35b029eb60e77866b52ef7
53431b300b330538252f30bcecaaf723e97eeedf6297785a1993f08782333ba7
56b73d0d4d332764f1c4b5e9badf8714b13e2b95467e1749d0c97670be2d4167
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
6029effcb1fb7327b832ce827a84f8ebe8c7a2154cb43f4186e5ea2bd6f9f49f
619e59cae2a011dfa94038abc4aaaac8d8b7a7d36e38f67160817b5bdf9a0cf4
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
69193c467efacbd943f4138e5b2b93dd1ded275d6e8233fd28b2a0f74765365b
6a2bb1023400cca8ae0171e8789a54ccac0cc4e10eb8908b7d51eb10a45ce1b9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
747df025706356c0c99b2b1082f8f27ee2c82e4cdf81091e8e65458feb6184e9
77ff9478acdbc751e0d850d1ff3430cf2120620c12080d56b9527e778e505308
798f81c8d185af08a58e1f9d3c774169ac6237d0f2a0542e93d1da679519b6ab
7ead3690e12f75b5339e5c7387e715182416d8f2fd427d165224d5ed33e60d1c
7ec7f3dbe17a2c7ebba9797f9b880300c0f8e79e741fadcec040de272e5b608c
813b4bdd11a12654b76e49b5bd3c9d9579949685ea23638ce46535691b7449bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d446a011362f4f1a2c4b867de29c9af2d432bf66d81edf0a3eb49c91a50582
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
8f92f2d1f186e48942e3d37b11524101fa721da66074b44bc4ff69f8148fcb90
9352fdb65cdcf9fcb8fadb6c01ee93a188c018c5b0f1f1526a96a425719055e8
93cae8a3cd59dc3351993041f5bf542ca737707d5ee460fc8abfcde9d7ceb374
94f760c2f70eba9b94316e717bc2f103c401365a79dff456d584d8a287a9a695
96edb6103d70d7df38cdb5d6cd13a1e15adfeb1c454a17aba63f64a7bfc97a9e
975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2
99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
a68facae97d9ba4aad337e58159f1e5da5f2fe6331a513928d570edaac63e984
ab8521fd07bf36348650841fdfe4707974047fe057fa866bdc6104f498e9d675
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b25f501e9a60c7d24df50f70aec0339526431494ae201aa0570152d3cf189c84
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916
bd015e8c2bcbe372fe047c9919179fb57b698211375f93fe2218cd2b9e26b5fa
be69e902023a333b484c495e328022ffcb8e59e49769d7acf32d789960c24e6c
c1d82b2f7c752ef9d32865cbe234a0ca0b0d5822c5508627b317705ffd23ef2e
c3a3630df92e474e23cf4212e60eadd8cfc79863dafe578c02b5807ffbecb3fa
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
cd44a6cdf121c34f8e2d09644a8d1739be0d214e2dbaf1d849616645dc343364
ce559c0f43ec2a0dc664159bd06a2ac3bd3e5fdde0958a7db9418a80b1c4cf09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5ed03e160a6ee20857e8a3a90c32ede063c9a2b94e196c0329d8463a941c96
d00b4c8953cdf25f549728ad667759e6f7650b5bf6146ecd3ec7c087bd3265b8
d038f489ce2af63014b26497368ae0eaf81130ebeb3b3a9d07760f192db0fcee
d972c0adebae27766d3409609d6d9262ebf20e928e9ad17b7ed9b468c4cfe607
da9b18821986663ec3e5f926699020bfcd9ca73aec75fbed9006866022808e8a
dcc8beebbfab8462184c8c864e5474cd84672b6d46dcb3c4131d609821883c6f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4adca1ce9da56283621c672089f8e544ab77d475ca8ae22e151de6552f0c72
e34e26ff8e940c5a518051df2c481545a8850d8ee1547402fa773ef9563be515
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
eab66bf089f917f20c7208cd21aab4d5bf16388f3b89ac2c189e6f9a18b62670
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee68a1b3b545938a9425ab4ac19e2624b88be6e74d63bb1c96c44633a8196b98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a5c63946d1edf8229dfff90adea241717b84d120ae5ea823618d8afc43da6b
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f902a456ee693e3a09692cff6f131c6de52a7971f5606de0c3b55b60d053426d