free.ca Open in urlscan Pro
35.186.240.248 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://free.ca/wp-admin/maint/help/help/
Submission: On November 04 via manual (November 4th 2022, 1:05:49 am UTC) from AU — Scanned from CA

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 36 domains to perform 79 HTTP transactions. The main IP is 35.186.240.248, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is free.ca.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 18th 2022. Valid for: a year.

This is the only time free.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.186.240.248 35.186.240.248	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2010	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
4	23.21.139.184 23.21.139.184	14618 (AMAZON-AES) (AMAZON-AES)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	13.249.39.126 13.249.39.126	16509 (AMAZON-02) (AMAZON-02)
1 3	159.127.43.10 159.127.43.10	25751 (VALUECLICK) (VALUECLICK)
1	23.63.176.177 23.63.176.177	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	54.179.66.88 54.179.66.88	16509 (AMAZON-02) (AMAZON-02)
2	35.84.93.102 35.84.93.102	16509 (AMAZON-02) (AMAZON-02)
1	52.51.79.61 52.51.79.61	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	104.76.104.253 104.76.104.253	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
1 10	2600:1f14:426... 2600:1f14:426:3f00:760d:6511:7b1f:158e	16509 (AMAZON-02) (AMAZON-02)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	54.84.111.157 54.84.111.157	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.229.253.47 3.229.253.47	14618 (AMAZON-AES) (AMAZON-AES)
3 3	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
1	44.241.67.155 44.241.67.155	16509 (AMAZON-02) (AMAZON-02)
5	34.246.142.233 34.246.142.233	16509 (AMAZON-02) (AMAZON-02)
1 2	199.187.193.199 199.187.193.199	47043 (SMARTADSE...) (SMARTADSERVER)
79	38

1 35.186.240.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.240.186.35.bc.googleusercontent.com

free.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2010 (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.21.139.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-139-184.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-126.iad89.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.127.43.10 (Los Angeles, United States) 1 redirects

ASN25751 (VALUECLICK, US)

www.anrdoezrs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.qksrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.63.176.177 (Chicago, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-63-176-177.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.66.88 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.84.93.102 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-93-102.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.79.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-79-61.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.76.104.253 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-104-253.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.161.208 (Newark, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:1f14:426:3f00:760d:6511:7b1f:158e (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.83 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.111.157 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-111-157.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.253.47 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-253-47.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.171 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.67.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-67-155.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.246.142.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.199 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 4512 p.ad.gt — Cisco Umbrella Rank: 5721 ids.ad.gt — Cisco Umbrella Rank: 4207 pixels.ad.gt — Cisco Umbrella Rank: 5174	20 KB
9	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 166 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 cm.g.doubleclick.net — Cisco Umbrella Rank: 320	130 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 12990 s.cpx.to — Cisco Umbrella Rank: 3621	7 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3298 onesignal.com — Cisco Umbrella Rank: 859 img.onesignal.com — Cisco Umbrella Rank: 7200	92 KB
6	powerad.ai powerad.ai — Cisco Umbrella Rank: 21140 reporting.powerad.ai — Cisco Umbrella Rank: 24325	50 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	22 KB
4	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 732 image2.pubmatic.com — Cisco Umbrella Rank: 1407	77 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	205 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 storage.googleapis.com — Cisco Umbrella Rank: 652	161 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 457	1 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 690	3 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 608 www.google.com — Cisco Umbrella Rank: 17	859 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	218 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 481 mug.criteo.com — Cisco Umbrella Rank: 1946	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	115 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 2438	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 784	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 825	687 B
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 977	461 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 818	1 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 7986	564 B
2	brainlyads.com hb.brainlyads.com — Cisco Umbrella Rank: 21547	189 KB
2	qksrv.net www.qksrv.net — Cisco Umbrella Rank: 60486	312 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1759	627 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 813	556 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 4753	11 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 25271	3 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	27 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	40 KB
1	yceml.net www.yceml.net — Cisco Umbrella Rank: 38870	3 KB
1	anrdoezrs.net 1 redirects www.anrdoezrs.net — Cisco Umbrella Rank: 34476	228 B
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1434
1	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8392	49 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1404	44 KB
1	free.ca free.ca	9 KB
79	36

	Domain	Requested by
10	ids.ad.gt	1 redirects free.ca
5	s.cpx.to	p.cpx.to free.ca
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cm.g.doubleclick.net	3 redirects free.ca
4	www.googletagmanager.com	free.ca powerad.ai www.googleoptimize.com www.googletagmanager.com
4	powerad.ai	free.ca powerad.ai
3	image2.pubmatic.com	3 redirects
3	match.adsrvr.org	3 redirects
3	secure.adnxs.com	3 redirects
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	onesignal.com	cdn.onesignal.com
3	www.facebook.com	free.ca
3	connect.facebook.net	free.ca p.ad.gt connect.facebook.net
3	storage.googleapis.com	free.ca storage.googleapis.com
2	sync.smartadserver.com	1 redirects free.ca
2	sync.1rx.io	2 redirects
2	ad.360yield.com	2 redirects
2	u.openx.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	www.google.ca	free.ca
2	analytics.google.com	www.googletagmanager.com
2	gum.criteo.com	1 redirects static.criteo.net
2	hb.brainlyads.com	powerad.ai free.ca
2	www.qksrv.net	www.anrdoezrs.net
2	a.ad.gt	powerad.ai p.ad.gt
2	reporting.powerad.ai	powerad.ai
2	cdn.onesignal.com	free.ca cdn.onesignal.com
1	img.onesignal.com	free.ca
1	pixels.ad.gt	p.ad.gt
1	www.google.com	free.ca
1	sync.targeting.unrulymedia.com	1 redirects
1	bh.contextweb.com	1 redirects
1	p.ad.gt	a.ad.gt
1	cdn.hadronid.net	a.ad.gt
1	mug.criteo.com	free.ca
1	ads.pubmatic.com	free.ca
1	fonts.gstatic.com	fonts.googleapis.com
1	p.cpx.to	powerad.ai
1	pixel.zprk.io	powerad.ai
1	www.googletagservices.com	free.ca
1	static.criteo.net	free.ca
1	www.yceml.net	free.ca
1	www.anrdoezrs.net	1 redirects
1	tags.crwdcntrl.net	free.ca
1	assets.revcontent.com	free.ca
1	www.googleoptimize.com	free.ca
1	fonts.googleapis.com	free.ca
1	free.ca
79	49

This site contains no links.

Subject Issuer	Validity	Valid
*.free.ca Go Daddy Secure Certificate Authority - G2	`2022-04-18` - `2023-05-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
powerad.ai Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
assets.revcontent.com R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.zprk.io Amazon	`2022-10-19` - `2023-11-18`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
www.qksrv.net GlobalSign RSA OV SSL CA 2018	`2022-08-23` - `2023-09-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-13` - `2022-11-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2021-11-25` - `2022-12-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.hadronid.net GTS CA 1P5	`2022-10-16` - `2023-01-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://free.ca/wp-admin/maint/help/help/
Frame ID: 32EAE8B37BFD257983BA056C415DF8C1
Requests: 73 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: E1A37C998DEBB88DFA2D279E4214648A
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: A640707AD8FD5C9599B7648B20CA3D05
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=free.ca
Frame ID: A604D4CEAA44938F7479E0E3BD436781
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canadian Freebies, Free Stuff, Samples & Contests – Free.ca

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

79
Requests

78 %
HTTPS

46 %
IPv6

36
Domains

49
Subdomains

38
IPs

4
Countries

1294 kB
Transfer

3679 kB
Size

42
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.anrdoezrs.net/am/8193935/include/joined/impressions/page/am.js HTTP 302
https://www.yceml.net/am_gen/8193935/include/joined/impressions/page/am.js

Request Chain 42

https://gum.criteo.com/sid/json?origin=publishertag&domain=free.ca&sn=ChromeSyncframe&so=0&topUrl=free.ca&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_uRrW3xTaGcvQlp4Z3RBeEhSajBQV2IwMWhvWndiRVpETjV3RTYwMGJOdFhjQjNqSWZCRllqRWlqWHdaVzUzOG9jRUJ1Z1pwSEd1T2tqSVJ6enpCVktkamRiTFBFaE52alI2d2s4NG94YVNmQ3ZCYndUV2FSRzFvVk1DaFFCT1BoaFo5VVIxcGNvb0lMeXFiNTdUYkpSMDFwelJhN1Q2S21IR3hFcCtwSnIyZ3ZaZHMvbytQYkg3c3llaWxnSm5hREtxZTdoUzBsZ3VWN3BxUG9YUGVPWC9LcDZqQmpaandlMFdOMVVSOE9YRUtNbHBQUVNkT3lUalQ0NHJ6aGw4LytYaWlkZGdHemNseFBJSWcvQnJRYlhEczNqdz09fA&cppv=2

Request Chain 49

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&adnxs_id=2140579039011657051&gdpr=0

Request Chain 50

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001667523944-P4TRGSUI-MC76&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001667523944-P4TRGSUI-MC76&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=8fce04a2-3499-48ed-9c5b-ae311ac301af&id=AU1D-0100-001667523944-P4TRGSUI-MC76

Request Chain 51

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=8EC85938-0E92-40AF-A971-149CB5AED024&id=AU1D-0100-001667523944-P4TRGSUI-MC76

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001667523944-P4TRGSUI-MC76&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&google_gid=CAESEFLfN2hs4IjKxI6GMoatgSs&google_cver=1&google_ula=450542624,0

Request Chain 53

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NzUyMzk0NC1QNFRSR1NVSS1NQzc2

Request Chain 54

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=kmrEBrT7W1ZJ&ev=1&pid=562316&id=AU1D-0100-001667523944-P4TRGSUI-MC76

Request Chain 55

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001667523944-P4TRGSUI-MC76&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADOWU7GyMsAACOmxizUIw&id=AU1D-0100-001667523944-P4TRGSUI-MC76

Request Chain 56

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26auid%3DAU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26auid%3DAU1D-0100-001667523944-P4TRGSUI-MC76 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=9da0d9ce-3797-4e94-80f1-f99c7e17ca68&id=AU1D-0100-001667523944-P4TRGSUI-MC76&auid=AU1D-0100-001667523944-P4TRGSUI-MC76

Request Chain 57

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&impr_uid=44a0be93-6a2f-4bb5-9f13-41618ec73013

Request Chain 58

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26unruly_id%3D%5BRX_UUID%5D&cb=1667523944409 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26unruly_id%3DRX-cc76aa9c-6e22-46fc-85d1-57a108077445-005 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001667523944-P4TRGSUI-MC76&unruly_id=RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005

Request Chain 71

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&gdpr=0&cklb=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&google_gid=CAESEJ_UWmcD2Z4HMfyCwPm4RCw&google_cver=1

Request Chain 73

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Ffree.ca%252Fwp-admin%252Fmaint%252Fhelp%252Fhelp%252F%26hn_ver%3D40%26fid%3D7ba7ccb8-e00c-4627-bb8e-64221e79f3dc HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=2140579039011657051&pid=12967&ref=&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&hn_ver=40&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

Request Chain 74

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D7ba7ccb8-e00c-4627-bb8e-64221e79f3dc HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8EC85938-0E92-40AF-A971-149CB5AED024&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

Request Chain 75

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=8fce04a2-3499-48ed-9c5b-ae311ac301af&dsp=TTD

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
free.ca/wp-admin/maint/help/help/ 8 KB
9 KB 440ms
101ms Document
text/html 35.186.240.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.240.248 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

248.240.186.35.bc.googleusercontent.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

f72a100b17522fde2d6cd5f44253d04e1304cd9bd2abd4691606fea84275c460

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 01:05:42 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://free.ca/wp-json/>; rel="https://api.w.org/"
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding,Cookie
via: 1.1 google
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 86ms
36ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lobster|Pacifico|PT+Sans+Caption:400,700

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ace341cb7d286da16467a2a9f3843ef78fb85e949543b2c90d0d224a3be7f9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 01:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 01:05:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 01:05:42 GMT

GET
H2 200 404.css
storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/ 448 B
1 KB 185ms
135ms Stylesheet
text/css 2607:f8b0:4006:816::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/404.css
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 396d0cd25ed5b0fd3b64384166c4d7e4aa2b8615308cf53c75fd1ab2f8c62466

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:42 GMT
x-goog-meta-goog-reserved-file-mtime: 1427215334
x-guploader-uploadid: ADPycds7NMTh4iHBAELYAyq5zChB2T_oRB9aOqg169E4p4ddhXiELWmC6Gj_z_5P4hYDI988_P2y862y-TLT1Vj6yhzSNQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 448
last-modified: Mon, 26 Feb 2018 08:31:09 GMT
server: UploadServer
etag: "813ef476b48bf2bcaff41d8145f0f8e6"
x-goog-generation: 1519633869485721
content-type: text/css
x-goog-hash: crc32c=g5DZ4Q==, md5=gT70drSL8ryv9B2BRfD45g==
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 448
accept-ranges: bytes
expires: Fri, 04 Nov 2022 01:05:42 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 112 KB
44 KB 87ms
38ms Script
application/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NJ6W97T

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

242f7b9f33d558a0c3360eb960389afbdb91b6c2f79356e1239de8f5b596c55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 01:05:42 GMT

GET
H2 200 script.js Show response
powerad.ai/ 201 KB
44 KB 83ms
27ms Script
application/javascript 23.21.139.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.139.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-139-184.compute-1.amazonaws.com
Software: / Express
Resource Hash: 2ab916ceae63cffab187a277748c0fdd2147a910256f90415952ddf03d9a877c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 19:40:43 GMT
x-powered-by: Express
etag: W/"32443-1843f0291e3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 154 KB
49 KB 106ms
27ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9a7bab94c580b3b51cd3d8aedc5ad3ab0ee19801c787fedb0a73b2596d99916

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 18:07:19 GMT
server: AmazonS3
x-amz-request-id: C76NZ252GPZTD6VV
etag: "1f9bd69cff9dbd966c54089d24f0462b"
x-hw: 1667523943.cds054.dc2.hn,1667523943.cds196.dc2.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 49726
x-amz-id-2: QmjRlowjVsqRohNNcNl9pYbyUYiXa9gZKr5cMdjpdaekBC3HAXhlwRv/oRHqWhbOAG2gX39RfDk=

GET
H2 403 lt.min.js
tags.crwdcntrl.net/lt/c/16075/ 0
0 133ms
75ms Script
application/xml 13.249.39.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16075/lt.min.js
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-39-126.iad89.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H/1.1

200
OK

am.js Show response
www.yceml.net/am_gen/8193935/include/joined/impressions/page/
Redirect Chain

https://www.anrdoezrs.net/am/8193935/include/joined/impressions/page/am.js
https://www.yceml.net/am_gen/8193935/include/joined/impressions/page/am.js

9 KB
3 KB

192ms
56ms

Script
text/javascript

23.63.176.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yceml.net/am_gen/8193935/include/joined/impressions/page/am.js
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 23.63.176.177 Chicago, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-63-176-177.deploy.static.akamaitechnologies.com
Software: Resin/4.0.66 /
Resource Hash: 795197aabb61358aeb695a27c6a6908b7317c21bbe377dd3ed91979778e5a79f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 01:05:43 GMT
Content-Encoding: gzip
Server: Resin/4.0.66
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=43082
Connection: keep-alive
Content-Length: 2609
Expires: Fri, 04 Nov 2022 13:03:45 GMT

Redirect headers

Location: https://www.yceml.net/am_gen/8193935/include/joined/impressions/page/am.js
Date: Fri, 04 Nov 2022 01:05:43 GMT
Server: Resin/4.0.66
Content-Length: 112
Content-Type: text/html; charset=utf-8

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 97ms
46ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Nov 2022 01:05:42 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 88ms
33ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 638
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76497166bcd8183d-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Nov 2022 01:05:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 90ms
43ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ7TW2M

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

637bd41bc06f57639245752dd1d80bd35ab8982cc8338df74303667b74984617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45932
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 01:05:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 102ms
39ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f6e62ccd06dbddd4a4bf22a197eb5051da2d3b20189c7536219de084435d042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27323
x-xss-protection: 0
server: sffe
etag: "1383 / 83 of 1000 / last-modified: 1667513160"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Nov 2022 01:05:43 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 128ms
31ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
222 B 84ms
32ms Fetch
text/plain 23.21.139.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.139.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-139-184.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
223 B 75ms
24ms Fetch
text/plain 23.21.139.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.139.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-139-184.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 / Show response
powerad.ai/pubPls/ 28 KB
5 KB 47ms
46ms XHR
text/html 23.21.139.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.139.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-139-184.compute-1.amazonaws.com
Software: / Express
Resource Hash: cdf2156bfe7fb768215324e07a5cc8528969808ea108dd25243a5f5aae4a2f35

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"7106-6ciEU+9+MKenSx1VyIjazo/vNAU"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://free.ca
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 748ms
245ms Script
text/plain 54.179.66.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.66.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-66-88.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 48ms
44ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137034616-94

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfc746138ddd2d169f594fb13d3f6a4999ec0997f5a40f813d6085da557e2a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43530
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 01:05:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 40ms
36ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137034616-94&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NJ6W97T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2689015e68ac013b876a7b8376588fdb36e313baf4571265d55b8392597429a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43548
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 01:05:43 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 283ms
94ms Script
application/javascript 35.84.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&ref=
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-93-102.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 070c814143a845cbd93448ca7d815b337e586e31d8b9873cddb73139eb9a7aa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12967/ 2 KB
2 KB 477ms
101ms Script
application/javascript 52.51.79.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12967/px.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.79.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-79-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 01:05:43 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
21ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ7TW2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 00:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1845
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 02:34:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 63ms
60ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-43Y166RZLJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ7TW2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aee5565771b6ff530af5c85298a1dea4778e3937c9cfb14c88168d1d50118e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 01:05:43 GMT

POST
H/1.1 200
OK pageImpression Show response
www.qksrv.net/ 2 B
312 B 115ms
23ms XHR
application/json 159.127.43.10
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qksrv.net/pageImpression
Requested by: Host: www.anrdoezrs.net
URL: https://www.anrdoezrs.net/am/8193935/include/joined/impressions/page/am.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.127.43.10 Los Angeles, United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: Resin/4.0.66 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 04 Nov 2022 01:05:44 GMT
Server: Resin/4.0.66
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://free.ca
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Content-Length: 2

OPTIONS
H/1.1 200
OK pageImpression
www.qksrv.net/ Frame 0
0 267ms
23ms Preflight
text/plain 159.127.43.10
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qksrv.net/pageImpression
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.127.43.10 Los Angeles, United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: Resin/4.0.66 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://free.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://free.ca
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 04 Nov 2022 01:05:43 GMT
Server: Resin/4.0.66

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54bc02ef1948cc2e79b0acbde658b73d68eaf27f2ad4375d1d28424c5ebd4b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 01:05:43 GMT
content-md5: Y/2zGwE8Pw3XAwJIbvXTZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2167
x-fb-rlafr: 0
x-fb-debug: tVebP90a49NcrhUrdfYIVILV55SVImpwntxFh4N2oF9kUDZye4h+BoBhGXOc1ZlBl7bQNT2/dzVlncc+oVCFvA==
x-fb-trip-id: 1512268381
x-fb-content-md5: 56cf559eba53110f1a4e66bd15af0f93
cross-origin-opener-policy: same-origin-allow-popups
etag: "5de5548db413cc92c5edbe1e0e54485a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 01:13:33 GMT

GET
H2 200 bg.jpg
storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/images/ 153 KB
153 KB 47ms
44ms Image
image/jpeg 2607:f8b0:4006:816::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/images/bg.jpg
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/404.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a20c34b446fb1ac9be67cd37f753f3a9572fc82fa43b839515df2964696324cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/404.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
x-goog-meta-goog-reserved-file-mtime: 1427215334
age: 0
x-guploader-uploadid: ADPycdspztL966uNiZQGwV4jpifqZlkq6fAzMWVqr6ZC3eYd3LaB4OfxchxDFwIEI8fZ9GS7eLkI5xOyn2Nludzp17k_ig
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156680
last-modified: Mon, 26 Feb 2018 08:31:12 GMT
server: UploadServer
etag: "ebcdccce0a8493d245bb309df40c8a22"
x-goog-generation: 1519633872364197
x-goog-hash: crc32c=oPdsRg==, md5=683MzgqEk9JFuzCd9AyKIg==
content-type: image/jpeg
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 156680
accept-ranges: bytes
expires: Fri, 04 Nov 2022 01:05:43 GMT

GET
H2 200 btn-back.gif
storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/images/ 5 KB
5 KB 101ms
99ms Image
image/gif 2607:f8b0:4006:816::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/images/btn-back.gif
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/404.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2010 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bac4b6227f19d3b4da8e3a1a32c1ef485a94cf4893146369bca98997f96fd1f1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://storage.googleapis.com/free-ca/wp-content/themes/free.ca_4.0/404.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
x-goog-meta-goog-reserved-file-mtime: 1427215334
age: 0
x-guploader-uploadid: ADPycdv-Ony0qoWwvNER0nfPFYLAlksg8e2UBqqvULG7phWNARMjj2wgthQHYCncEltS2G1k6cPhA9rFfHBBZuecmZnCBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5270
last-modified: Mon, 26 Feb 2018 08:31:12 GMT
server: UploadServer
etag: "fe3f0dc40335fbabbb4817ccabcec4fc"
x-goog-generation: 1519633872863082
x-goog-hash: crc32c=hopDag==, md5=/j8NxAM1+6u7SBfMq87E/A==
content-type: image/gif
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 5270
accept-ranges: bytes
expires: Fri, 04 Nov 2022 01:05:43 GMT

GET
H2 200 neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v28/ 33 KB
33 KB 79ms
23ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster|Pacifico|PT+Sans+Caption:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://free.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 05:54:42 GMT
x-content-type-options: nosniff
age: 241861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 05:54:42 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 44ms
44ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1943
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 76497167eee1183d-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 07 Nov 2022 01:05:43 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame E1A3 247 KB
76 KB 178ms
54ms Script
application/javascript 104.76.104.253
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.76.104.253 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-76-104-253.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 44d4cfd96636f673d8f990db7c015327156e1abd1fa60557bbacf2335ff5a7f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 15:50:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=35816
accept-ranges: bytes
content-length: 77322
expires: Fri, 04 Nov 2022 11:02:39 GMT

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame A640 49 KB
15 KB 131ms
25ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e44079e3aacd781cd8d2b8bf4c07b2db3847b2f310e86b6b6a06ef00c95e2f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 30 Oct 2022 17:48:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"635eb8e0-c22f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 11 Nov 2022 01:05:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A604 15 KB
6 KB 78ms
24ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=free.ca

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://free.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 01:05:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 350548
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 74ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1609283442689085&ev=PixelInitialized&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&rl=&if=false&ts=1667523943726

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 01:05:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/d26ce87d-cfdb-4abd-9a25-0161b4fd2a35/ 5 KB
2 KB 41ms
28ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/d26ce87d-cfdb-4abd-9a25-0161b4fd2a35/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed20bcda386f42329334e40bf4daa97ed4fdda7563296bbe74357603d371ec11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 3375
cf-polished: origSize=4711
status: 200 OK
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 74e4474c-e5ae-49dc-801c-ebd031d5cad5
x-runtime: 0.028948
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"43f593141c35a269ecb95b60523127c9"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 764971688842183d-EWR
access-control-allow-headers: SDK-Version
expires: Fri, 04 Nov 2022 02:05:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
341 B 74ms
33ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-43Y166RZLJ&gtm=2oeb20&_p=2098662763&_gaz=1&cid=299843989.1667523944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667523943&sct=1&seg=0&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&dt=Canadian%20Freebies%2C%20Free%20Stuff%2C%20Samples%20%26%20Contests%20%E2%80%93%20Free.ca&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43Y166RZLJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
332 B 84ms
32ms Ping
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-43Y166RZLJ&cid=299843989.1667523944&gtm=2oeb20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43Y166RZLJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 87ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-43Y166RZLJ&cid=299843989.1667523944&gtm=2oeb20&aip=1&z=1213952073

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
32ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2098662763&t=pageview&_s=1&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&ul=en-us&de=UTF-8&dt=Canadian%20Freebies%2C%20Free%20Stuff%2C%20Samples%20%26%20Contests%20%E2%80%93%20Free.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=66557478&gjid=1223617319&cid=299843989.1667523944&tid=UA-3813503-25&_gid=1379583042.1667523944&_r=1&gtm=2wgb20NJ7TW2M&z=358652722

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
34ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2098662763&t=pageview&_s=1&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&ul=en-us&de=UTF-8&dt=Canadian%20Freebies%2C%20Free%20Stuff%2C%20Samples%20%26%20Contests%20%E2%80%93%20Free.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1418843337&gjid=551621812&cid=299843989.1667523944&tid=UA-137034616-94&_gid=1379583042.1667523944&_r=1&gtm=2oub20&z=1305677363

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022103101.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 101ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022103101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19c22b759f0237ac8507dd5377ed3a965a858bb76a115263a303fefdec060b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130899
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 08:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Nov 2023 22:47:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 79 B
694 B 112ms
33ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=free.ca

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce431fd4ac4d80036d71e71071ea64c249a09142b08210c2e89cab682c1c0f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Fri, 04 Nov 2022 01:05:43 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame E1A3 577 KB
174 KB 28ms
26ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6c715500507d21fa52a209806d4cff33b581f704dac587bc4f392c807cf3743f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 30 Oct 2022 17:32:29 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"635eb52d-9040c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Fri, 11 Nov 2022 01:05:43 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A604
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=free.ca&sn=ChromeSyncframe&so=0&topUrl=free.ca&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_uRrW3xTaGcvQlp4Z3RBeEhSajBQV2IwMWhvWndiRVpETjV3RTYwMGJOdFhjQjNqSWZCRllqRWlqWHdaVzUzOG9jRUJ1Z1pwSEd1T2tqSVJ6enpCVktkamRiTFBFaE52alI2d2s4NG94YVNmQ3ZCYndUV2FSRzFvVk1DaF...

417 B
650 B

85ms
25ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_uRrW3xTaGcvQlp4Z3RBeEhSajBQV2IwMWhvWndiRVpETjV3RTYwMGJOdFhjQjNqSWZCRllqRWlqWHdaVzUzOG9jRUJ1Z1pwSEd1T2tqSVJ6enpCVktkamRiTFBFaE52alI2d2s4NG94YVNmQ3ZCYndUV2FSRzFvVk1DaFFCT1BoaFo5VVIxcGNvb0lMeXFiNTdUYkpSMDFwelJhN1Q2S21IR3hFcCtwSnIyZ3ZaZHMvbytQYkg3c3llaWxnSm5hREtxZTdoUzBsZ3VWN3BxUG9YUGVPWC9LcDZqQmpaandlMFdOMVVSOE9YRUtNbHBQUVNkT3lUalQ0NHJ6aGw4LytYaWlkZGdHemNseFBJSWcvQnJRYlhEczNqdz09fA&cppv=2

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

73e0bffd67e1a2e3435eb24da84f34ad9bf53e870cc28c27cd06c817a51af960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1383951
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_uRrW3xTaGcvQlp4Z3RBeEhSajBQV2IwMWhvWndiRVpETjV3RTYwMGJOdFhjQjNqSWZCRllqRWlqWHdaVzUzOG9jRUJ1Z1pwSEd1T2tqSVJ6enpCVktkamRiTFBFaE52alI2d2s4NG94YVNmQ3ZCYndUV2FSRzFvVk1DaFFCT1BoaFo5VVIxcGNvb0lMeXFiNTdUYkpSMDFwelJhN1Q2S21IR3hFcCtwSnIyZ3ZaZHMvbytQYkg3c3llaWxnSm5hREtxZTdoUzBsZ3VWN3BxUG9YUGVPWC9LcDZqQmpaandlMFdOMVVSOE9YRUtNbHBQUVNkT3lUalQ0NHJ6aGw4LytYaWlkZGdHemNseFBJSWcvQnJRYlhEczNqdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 279945
content-length: 0
expires: 0

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 37ms
36ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 331
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 764971695f9217e5-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 04 Dec 2022 01:05:43 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 82ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3813503-25&cid=299843989.1667523944&jid=66557478&gjid=1223617319&_gid=1379583042.1667523944&_u=YADAAEAAAAAAACAAI~&z=509975723

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 04 Nov 2022 01:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 82ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-137034616-94&cid=299843989.1667523944&jid=1418843337&gjid=551621812&_gid=1379583042.1667523944&_u=YADAAUABAAAAACAAI~&z=225322738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 04 Nov 2022 01:05:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/d26ce87d-cfdb-4abd-9a25-0161b4fd2a35/ 176 B
604 B 176ms
143ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/d26ce87d-cfdb-4abd-9a25-0161b4fd2a35/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

119fb9a7d10a6fd33cb6a21b9df7564a67440d344ce4430d61bc82f28302eb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1fbe1466-4c37-4dd3-8d93-345731bb9a6a
x-runtime: 0.006105
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"119fb9a7d10a6fd33cb6a21b9df7564a"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 76497169dca5059f-IAD
access-control-allow-headers: SDK-Version

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 105ms
36ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=251&sync=1&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20b58597bca65c6846164be8e723ea2c817b31b04f6f351f42cb28ad6fa612b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QHY20EBKKYXBSNDD
age: 5056
x-amz-id-2: wAMFRj/S4D1C8KfdpfHS0mFxW1vMXEfKjgX58kfsdPcE+ZzfHImhNKjGXjlgBsYwb+gV9Eg4xCI=
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 15:39:17 GMT
server: cloudflare
etag: W/"fb50e72b4a95082c176cafe0a37bead5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZR%2BnsZiQ3f24hWhVLPYqgNgxnNzTSnIiCym8P3F1hq4J1Y0LUhvnA7FCSCwq2B3uxMwnFgF22a1OL%2FWPOML5EkFXj5rlt0D7joaN2R8q1XFhFO4b5GHkl5u8jTKxRDHt5On5lEIRTxp6m4pTEDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7649716a1fcd062e-IAD

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 40 KB
12 KB 106ms
39ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6612c6315fcc7f82ee43e86dc3812e1f7676014cc868614608d187141bcacecc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 10:33:36 GMT
server: cloudflare
age: 236
etag: W/"1667471616.0-41218-2710964840"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 7649716a1883057a-IAD
expires: Fri, 04 Nov 2022 13:01:48 GMT

GET
H/1.1

200
OK

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&adnxs_id=2140579039011657051&gdpr=0

43 B
434 B

275ms
94ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&adnxs_id=2140579039011657051&gdpr=0
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 01:05:44 GMT
AN-X-Request-Uuid: beba1d8c-74fb-413d-9a0b-b39fc3189355
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&adnxs_id=2140579039011657051&gdpr=0
Connection: keep-alive
X-Proxy-Origin: 149.56.153.188; 149.56.153.188; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001667523944-P4TRGSUI-MC76&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001667523944-P4TRGSUI-MC76&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=8fce04a2-3499-48ed-9c5b-ae311ac301af&id=AU1D-0100-001667523944-P4TRGSUI-MC76

43 B
434 B

274ms
92ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=8fce04a2-3499-48ed-9c5b-ae311ac301af&id=AU1D-0100-001667523944-P4TRGSUI-MC76
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=8fce04a2-3499-48ed-9c5b-ae311ac301af&id=AU1D-0100-001667523944-P4TRGSUI-MC76
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 259

GET
H/1.1

200
OK

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76
https://ids.ad.gt/api/v1/pbm_match?pbm=8EC85938-0E92-40AF-A971-149CB5AED024&id=AU1D-0100-001667523944-P4TRGSUI-MC76

43 B
434 B

275ms
95ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=8EC85938-0E92-40AF-A971-149CB5AED024&id=AU1D-0100-001667523944-P4TRGSUI-MC76
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=8EC85938-0E92-40AF-A971-149CB5AED024&id=AU1D-0100-001667523944-P4TRGSUI-MC76
date: Fri, 04 Nov 2022 01:05:41 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001667523944-P4TRGSUI-MC76
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001667523944-P4TRGSUI-MC76&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&google_gid=CAESEFLfN2hs4IjKxI6GMoatgSs&google_cver=1&google_ula=450542624,0

43 B
434 B

280ms
97ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&google_gid=CAESEFLfN2hs4IjKxI6GMoatgSs&google_cver=1&google_ula=450542624,0
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&google_gid=CAESEFLfN2hs4IjKxI6GMoatgSs&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001667523944-P4TRGSUI-MC76
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NzUyMzk0NC1QNFRSR1NVSS1NQzc2

170 B
188 B

36ms
36ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NzUyMzk0NC1QNFRSR1NVSS1NQzc2

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NzUyMzk0NC1QNFRSR1NVSS1NQzc2
Date: Fri, 04 Nov 2022 01:05:44 GMT
Server: openresty/1.21.4.1
Connection: keep-alive
Content-Length: 473
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001667523944-P4TRGSUI-MC76
https://ids.ad.gt/api/v1/ppnt_match?uid=kmrEBrT7W1ZJ&ev=1&pid=562316&id=AU1D-0100-001667523944-P4TRGSUI-MC76

43 B
434 B

100ms
95ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=kmrEBrT7W1ZJ&ev=1&pid=562316&id=AU1D-0100-001667523944-P4TRGSUI-MC76
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://ids.ad.gt/api/v1/ppnt_match?uid=kmrEBrT7W1ZJ&ev=1&pid=562316&id=AU1D-0100-001667523944-P4TRGSUI-MC76
content-language: en-CA
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6864bf847b-7xdbn
expires: -1

GET
H/1.1

200
OK

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001667523944-P4TRGSUI-MC76
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001667523944-P4TRGSUI-MC76&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADOWU7GyMsAACOmxizUIw&id=AU1D-0100-001667523944-P4TRGSUI-MC76

43 B
434 B

203ms
95ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADOWU7GyMsAACOmxizUIw&id=AU1D-0100-001667523944-P4TRGSUI-MC76
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADOWU7GyMsAACOmxizUIw&id=AU1D-0100-001667523944-P4TRGSUI-MC76
Date: Fri, 04 Nov 2022 01:05:44 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=9da0d9ce-3797-4e94-80f1-f99c7e17ca68&id=AU1D-0100-001667523944-P4TRGSUI-MC76&auid=AU1D-0100-001667523944-P4TRGSUI-MC76

43 B
434 B

242ms
99ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=9da0d9ce-3797-4e94-80f1-f99c7e17ca68&id=AU1D-0100-001667523944-P4TRGSUI-MC76&auid=AU1D-0100-001667523944-P4TRGSUI-MC76
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

date: Fri, 04 Nov 2022 01:05:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ids.ad.gt/api/v1/openx?openx_id=9da0d9ce-3797-4e94-80f1-f99c7e17ca68&id=AU1D-0100-001667523944-P4TRGSUI-MC76&auid=AU1D-0100-001667523944-P4TRGSUI-MC76
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&impr_uid=44a0be93-6a2f-4bb5-9f13-41618ec73013

43 B
434 B

173ms
89ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&impr_uid=44a0be93-6a2f-4bb5-9f13-41618ec73013
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001667523944-P4TRGSUI-MC76&impr_uid=44a0be93-6a2f-4bb5-9f13-41618ec73013
access-control-allow-origin: *
date: Fri, 04 Nov 2022 01:05:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26unruly_id%3D%5BRX_UUID%5D&cb=1667523944409
https://sync.targeting.unrulymedia.com/csync/RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001667523944-P4TRGSUI-MC76%26unruly_id%3D...
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001667523944-P4TRGSUI-MC76&unruly_id=RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005

43 B
434 B

106ms
105ms

Image
image/gif

2600:1f14:426:3f00:760d:6511:7b1f:158e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001667523944-P4TRGSUI-MC76&unruly_id=RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 2600:1f14:426:3f00:760d:6511:7b1f:158e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 04 Nov 2022 01:05:44 GMT
Cache-Control: public, max-age=43200
Server: openresty/1.21.4.1
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Fri, 04 Nov 2022 13:05:44 GMT

Redirect headers

Date: Fri, 04 Nov 2022 01:05:44 GMT
Server: Tengine
ETag: RXcc76aa9c6e2246fc85d157a108077445005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001667523944-P4TRGSUI-MC76&unruly_id=RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005
Content-Type: text/html
Connection: keep-alive

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
38ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3813503-25&cid=299843989.1667523944&jid=66557478&_u=YADAAEAAAAAAACAAI~&z=775206129

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 79ms
38ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3813503-25&cid=299843989.1667523944&jid=66557478&_u=YADAAEAAAAAAACAAI~&z=775206129

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
97 B 276ms
96ms XHR
text/plain 35.84.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.93.102 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-93-102.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://free.ca
date: Fri, 04 Nov 2022 01:05:44 GMT
server: nginx/1.20.0
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
52 B 269ms
81ms Script
text/plain 44.241.67.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=d2da3cff8b714ebbf005b4e872423efd&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.67.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-67-155.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
server: nginx/1.20.0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 44ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 01:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bRiljWQUPrGZW8qtNfcdnH/+FFQLQDSGXKL7PvXOSh81m5H1Ku8gMvVGkyJrSrh/g8gys/lztTkArWK+tM7XYA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 20ms
20ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 00:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Nov 2022 01:54:06 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 00:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Nov 2022 01:20:56 GMT

GET
H2 200 d25e07cf-920f-4d6b-95d6-31e2dfdec326.png
img.onesignal.com/t/ 9 KB
10 KB 54ms
35ms Image
image/png 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/t/d25e07cf-920f-4d6b-95d6-31e2dfdec326.png

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3bd1361357f91f432c2b27eafbe896bbe9223e512dc92a920a75fb029cbdae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
x-amz-meta-cache-control: public, maxage=604800
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: YTWT45NWE89BJ4SP
age: 1451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9629
x-amz-id-2: JyrbJGMctH/horbQnvAD4bk/0eqdUa50nntFs0VZDvq+Ca4IddhctSoNfCtOJKfd+E1KHFP75w8=
last-modified: Wed, 04 Jul 2018 17:35:26 GMT
server: cloudflare
etag: "e823cfca43fcf8115244f5840bf1fb0b"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7649716afcdf183d-EWR
expires: Mon, 05 Dec 2022 01:05:44 GMT

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 296 KB
86 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ceeb0a0fced8449a7e70593c5c99e7d397dd2b3b4b2b22ff3e013bcd5a707efe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 01:05:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87956
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: YhyNtoa1RoycE7AUbI4c+4bWx1Nay8Wph4Mb3xewewrPUwYvWAK/yE4S2fqo/fX/LWzvV1NuySqyQcyNwkaU1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 876 B
1 KB 418ms
104ms Script
application/javascript 34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12967&ref=&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&hn_ver=40&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

aeb645b25253be1c041522619267737925f140db558f0ce1b409b12035adb352

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Fri, 04 Nov 2022 01:05:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 876
Expires: Thu, 27 Oct 2022 09:01:22 UTC

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 46ms
23ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&rl=&if=false&ts=1667523944192&cd[partner_id]=251&cd[tagger_id]=d2da3cff8b714ebbf005b4e872423efd&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667523944191.1167732437&it=1667523944131&coo=false&tm=1&rqm=GET

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 01:05:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 69ms
23ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://free.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 01:05:44 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&gdpr=0&cklb=1

0
316 B

55ms
55ms

Image
text/plain

199.187.193.199
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&gdpr=0&cklb=1
Requested by: Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/
Protocol: HTTP/1.1
Server: 199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&gdpr=0&cklb=1
pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc
https://s.cpx.to/ca.png?dsp=dbm&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&google_gid=CAESEJ_UWmcD2Z4HMfyCwPm4RCw&google_cver=1

95 B
804 B

295ms
102ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&google_gid=CAESEJ_UWmcD2Z4HMfyCwPm4RCw&google_cver=1

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Fri, 04 Nov 2022 01:05:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/ca.png?dsp=dbm&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc&google_gid=CAESEJ_UWmcD2Z4HMfyCwPm4RCw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12967%26ref%3D%26url%3Dhttps%253A%252F%252Ffree.ca%252Fwp-admin%252Fmaint%252Fhelp%252Fhelp%252F%26...
https://s.cpx.to/an_fire?app_nexus_uid=2140579039011657051&pid=12967&ref=&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&hn_ver=40&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

95 B
865 B

194ms
102ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=2140579039011657051&pid=12967&ref=&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&hn_ver=40&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Fri, 04 Nov 2022 01:05:45 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
Expires: Fri, 04 Nov 2022 01:05:45 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 01:05:44 GMT
AN-X-Request-Uuid: db2b117d-ef99-4b88-991d-cb3ffa14a4ae
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://s.cpx.to/an_fire?app_nexus_uid=2140579039011657051&pid=12967&ref=&url=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&hn_ver=40&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc
Connection: keep-alive
X-Proxy-Origin: 149.56.153.188; 149.56.153.188; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D7ba7ccb8-e00c-4627-bb8e-64221e79f3dc
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8EC85938-0E92-40AF-A971-149CB5AED024&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

95 B
881 B

102ms
102ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8EC85938-0E92-40AF-A971-149CB5AED024&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Fri, 04 Nov 2022 01:05:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
Expires: Fri, 04 Nov 2022 01:05:44 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8EC85938-0E92-40AF-A971-149CB5AED024&fid=7ba7ccb8-e00c-4627-bb8e-64221e79f3dc
date: Fri, 04 Nov 2022 01:05:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=8fce04a2-3499-48ed-9c5b-ae311ac301af&dsp=TTD

95 B
876 B

204ms
102ms

Image
image/png

34.246.142.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=8fce04a2-3499-48ed-9c5b-ae311ac301af&dsp=TTD

Requested by

Host: free.ca
URL: https://free.ca/wp-admin/maint/help/help/

Protocol

HTTP/1.1

Server

34.246.142.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-142-233.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Date: Fri, 04 Nov 2022 01:05:44 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
Expires: Fri, 04 Nov 2022 01:05:44 UTC

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=8fce04a2-3499-48ed-9c5b-ae311ac301af&dsp=TTD
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 179

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
20ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&rl=&if=false&ts=1667523945695&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtCanadian%20Freebies%2C%20Free%20Stuff%2C%20Samples%20%26%20Contests%20%E2%80%93%20Free.ca%22%2C%22meta%3Adescription%22%3A%22Canadian%20Freebies%2C%20Free%20Stuff%2C%20Samples%20%26%20Contests%20%E2%80%93%20Free.ca%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667523944191.1167732437&it=1667523944131&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 01:05:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 71ms
36ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-43Y166RZLJ&gtm=2oeb20&_p=2098662763&cid=299843989.1667523944&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667523943&sct=1&seg=0&dl=https%3A%2F%2Ffree.ca%2Fwp-admin%2Fmaint%2Fhelp%2Fhelp%2F&dt=Canadian%20Freebies%2C%20Free%20Stuff%2C%20Samples%20%26%20Contests%20%E2%80%93%20Free.ca&en=scroll&epn.percent_scrolled=90&_et=18
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43Y166RZLJ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://free.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 01:05:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://free.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
free.ca/	1969-12-31 23:59:59	Name: GCLB Value: CKyq1vii9KmuhAE
powerad.ai/	1969-12-31 23:59:59	Name: 12331dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12593dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12594dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12595dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12940dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 13127dcr-g Value: 1
.free.ca/	1970-01-20 16:48:03	Name: _ga_43Y166RZLJ Value: GS1.1.1667523943.1.0.1667523943.60.0.0
.criteo.com/	1970-01-20 16:33:39	Name: uid Value: 346b0d4f-729b-49ef-8e34-10fd419d36a6
.free.ca/	1970-01-20 16:48:03	Name: _ga Value: GA1.2.299843989.1667523944
.free.ca/	1970-01-20 07:13:30	Name: _gid Value: GA1.2.1379583042.1667523944
.free.ca/	1970-01-20 07:12:04	Name: _gat_UA-3813503-25 Value: 1
.free.ca/	1970-01-20 07:12:04	Name: _gat_gtag_UA_137034616_94 Value: 1
.free.ca/	1970-01-20 15:57:39	Name: _au_1d Value: AU1D-0100-001667523944-P4TRGSUI-MC76
.free.ca/	1970-01-20 15:57:39	Name: _au_last_seen_pixels Value: eyJhcG4iOjE2Njc1MjM5NDQsInR0ZCI6MTY2NzUyMzk0NCwicHViIjoxNjY3NTIzOTQ0LCJhZHgiOjE2Njc1MjM5NDQsImdvbyI6MTY2NzUyMzk0NCwicHBudCI6MTY2NzUyMzk0NCwiYmVlcyI6MTY2NzUyMzk0NCwib3BlbngiOjE2Njc1MjM5NDQsImltcHIiOjE2Njc1MjM5NDQsInVucnVseSI6MTY2NzUyMzk0NH0=
.free.ca/	1970-01-20 16:33:39	Name: cto_bundle Value: qaQ2Fl9WVjhZSnFMNnFWUnh2bWhQeXVCc0pzRjB0Z3V2UzI1SmlpYlJkOGc0eUFlelp4cGZIWEZPSDhMbU9OZ1cxN1dsVHR3djRKMDhOYzU1eUEwNzJWVG1rNEdIZ29HQmlDZFI0UWpYWWQxdlVpa3pWbW9WSXh5bVQlMkZpcHpjTyUyQlY2SWR5T0NDUlpLNEpiQlVMak9ZTDlWNTZRJTNEJTNE
.adsrvr.org/	1970-01-20 15:57:39	Name: TDID Value: 8fce04a2-3499-48ed-9c5b-ae311ac301af
.adnxs.com/	1970-01-20 09:21:39	Name: uuid2 Value: 2140579039011657051
.pubmatic.com/	1970-01-20 09:21:39	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 09:21:39	Name: KADUSERCOOKIE Value: 8EC85938-0E92-40AF-A971-149CB5AED024
.doubleclick.net/	1970-01-20 16:48:03	Name: IDE Value: AHWqTUl74ExaSXgkCmdyLsn8qdQUF0wMQBHfb24mBCPT9MP52LmwUL34W2tbZsxyR7E
.openx.net/	1970-01-20 15:57:39	Name: i Value: 674cfff2-179c-4e9f-89dc-25240d4f3691\|1667523944
.free.ca/	1970-01-20 09:21:39	Name: _fbp Value: fb.1.1667523944191.1167732437
.bidr.io/	1970-01-20 16:40:37	Name: bito Value: AADOWU7GyMsAACOmxizUIw
.bidr.io/	1970-01-20 16:40:37	Name: bitoIsSecure Value: ok
.360yield.com/	1970-01-20 09:21:39	Name: tuuid Value: 44a0be93-6a2f-4bb5-9f13-41618ec73013
.360yield.com/	1970-01-20 09:21:39	Name: tuuid_lu Value: 1667523944
.ad.gt/	1970-01-20 16:48:03	Name: au_id Value: AU1D-0100-001667523944-P4TRGSUI-MC76
.ad.gt/	1970-01-20 16:48:03	Name: g_hosted Value:
.contextweb.com/	1970-01-20 15:50:27	Name: V Value: kmrEBrT7W1ZJ
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: f503784f37cbea17
.1rx.io/	1970-01-20 15:57:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005%22%7D
.targeting.unrulymedia.com/	1970-01-20 15:57:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cc76aa9c-6e22-46fc-85d1-57a108077445-005%22%7D
.cpx.to/	1970-01-20 15:57:39	Name: cpSess Value: 6a2d124caff3e8c6
.adsrvr.org/	1970-01-20 15:57:39	Name: TDCPM Value: CAEYASABKAIyCwjAxJ_m7YKfOxAFOAFaBzBma2Npb3RgAg..
.cpx.to/	1970-01-20 15:57:39	Name: dsp_pubmatic Value: 8EC85938-0E92-40AF-A971-149CB5AED024#1667523944837
.cpx.to/	1970-01-20 15:57:39	Name: dsp_TTD Value: 8fce04a2-3499-48ed-9c5b-ae311ac301af#1667523944941
.cpx.to/	1970-01-20 15:57:39	Name: dsp_dbm Value: CAESEJ_UWmcD2Z4HMfyCwPm4RCw#1667523945045
.cpx.to/	1970-01-20 15:57:39	Name: dsp_app_nexus Value: 2140579039011657051#1667523945043
.smartadserver.com/	1970-01-20 15:57:39	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:57:39	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/	1970-01-20 15:57:39	Name: pid Value: 8836016087931748683

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://free.ca/wp-admin/maint/help/help/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.crwdcntrl.net/lt/c/16075/lt.min.js Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.360yield.com
ads.pubmatic.com
analytics.google.com
assets.revcontent.com
bh.contextweb.com
cdn.hadronid.net
cdn.onesignal.com
cm.g.doubleclick.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
free.ca
gum.criteo.com
hb.brainlyads.com
ids.ad.gt
image2.pubmatic.com
img.onesignal.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
onesignal.com
p.ad.gt
p.cpx.to
pixel.zprk.io
pixels.ad.gt
powerad.ai
reporting.powerad.ai
s.cpx.to
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.smartadserver.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
u.openx.net
www.anrdoezrs.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.qksrv.net
www.yceml.net
104.76.104.253
13.249.39.126
142.251.40.98
15.197.193.217
151.139.128.11
159.127.43.10
198.148.27.139
199.127.204.171
199.187.193.199
2001:4860:4802:38::181
23.20.158.212
23.21.139.184
23.63.176.177
2600:1f14:426:3f00:760d:6511:7b1f:158e
2606:4700:10::ac43:17ea
2606:4700:20::ac43:49e4
2606:4700::6812:e134
2606:4700::6812:e234
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:809::200e
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2010
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2008
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::2002
2620:100:a001::4
2620:100:a001::c
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.229.253.47
34.246.142.233
34.98.64.218
35.186.240.248
35.84.93.102
44.241.67.155
52.51.79.61
54.179.66.88
54.234.151.247
54.84.111.157
68.67.161.208
74.119.119.139
8.28.7.83
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
070c814143a845cbd93448ca7d815b337e586e31d8b9873cddb73139eb9a7aa7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
119fb9a7d10a6fd33cb6a21b9df7564a67440d344ce4430d61bc82f28302eb52
19c22b759f0237ac8507dd5377ed3a965a858bb76a115263a303fefdec060b17
20b58597bca65c6846164be8e723ea2c817b31b04f6f351f42cb28ad6fa612b2
242f7b9f33d558a0c3360eb960389afbdb91b6c2f79356e1239de8f5b596c55e
2689015e68ac013b876a7b8376588fdb36e313baf4571265d55b8392597429a1
2ab916ceae63cffab187a277748c0fdd2147a910256f90415952ddf03d9a877c
396d0cd25ed5b0fd3b64384166c4d7e4aa2b8615308cf53c75fd1ab2f8c62466
44d4cfd96636f673d8f990db7c015327156e1abd1fa60557bbacf2335ff5a7f0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f6e62ccd06dbddd4a4bf22a197eb5051da2d3b20189c7536219de084435d042
54bc02ef1948cc2e79b0acbde658b73d68eaf27f2ad4375d1d28424c5ebd4b5f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
637bd41bc06f57639245752dd1d80bd35ab8982cc8338df74303667b74984617
6612c6315fcc7f82ee43e86dc3812e1f7676014cc868614608d187141bcacecc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c715500507d21fa52a209806d4cff33b581f704dac587bc4f392c807cf3743f
73e0bffd67e1a2e3435eb24da84f34ad9bf53e870cc28c27cd06c817a51af960
795197aabb61358aeb695a27c6a6908b7317c21bbe377dd3ed91979778e5a79f
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
a20c34b446fb1ac9be67cd37f753f3a9572fc82fa43b839515df2964696324cc
ace341cb7d286da16467a2a9f3843ef78fb85e949543b2c90d0d224a3be7f9c7
aeb645b25253be1c041522619267737925f140db558f0ce1b409b12035adb352
aee5565771b6ff530af5c85298a1dea4778e3937c9cfb14c88168d1d50118e3c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bac4b6227f19d3b4da8e3a1a32c1ef485a94cf4893146369bca98997f96fd1f1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfc746138ddd2d169f594fb13d3f6a4999ec0997f5a40f813d6085da557e2a66
cdf2156bfe7fb768215324e07a5cc8528969808ea108dd25243a5f5aae4a2f35
ce431fd4ac4d80036d71e71071ea64c249a09142b08210c2e89cab682c1c0f0d
ceeb0a0fced8449a7e70593c5c99e7d397dd2b3b4b2b22ff3e013bcd5a707efe
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44079e3aacd781cd8d2b8bf4c07b2db3847b2f310e86b6b6a06ef00c95e2f72
ea3bd1361357f91f432c2b27eafbe896bbe9223e512dc92a920a75fb029cbdae
ed20bcda386f42329334e40bf4daa97ed4fdda7563296bbe74357603d371ec11
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f266acb707c5b2704c3b6e18e0888d7995bad0ba0ffec4a125146f7e3d058583
f72a100b17522fde2d6cd5f44253d04e1304cd9bd2abd4691606fea84275c460
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f9a7bab94c580b3b51cd3d8aedc5ad3ab0ee19801c787fedb0a73b2596d99916

free.ca Open in urlscan Pro 35.186.240.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

78 %HTTPS

46 %IPv6

36 Domains

49 Subdomains

38 IPs

4 Countries

1294 kBTransfer

3679 kBSize

42 Cookies

0 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

free.ca Open in urlscan Pro
35.186.240.248 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

78 %
HTTPS

46 %
IPv6

36
Domains

49
Subdomains

38
IPs

4
Countries

1294 kB
Transfer

3679 kB
Size

42
Cookies

79 HTTP transactions
0 data transactions