www.citim.org Open in urlscan Pro
2606:4700:3032::6815:2483  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

• https://cm.everesttech.net/cm/dd?d_uuid=66363414231238772394447079359660894719 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZC_UewAAAJ6jQAOY

Request Chain 55

• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYzNjM0MTQyMzEyMzg3NzIzOTQ0NDcwNzkzNTk2NjA4OTQ3MTk= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjYzNjM0MTQyMzEyMzg3NzIzOTQ0NDcwNzkzNTk2NjA4OTQ3MTk=&google_tc= HTTP 302
• https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAu7h0ngXXnmC5DjQZYvsUI&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 56

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFBZnlycUhJTA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 57

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCTFdnNGdJNw&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 58

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWZ3QUFBTDNoQEgwTw&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 60

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCY3RkRjNJSw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 61

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCU1l6aXlXTg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 62

• https://c.bing.com/c.gif?uid=66363414231238772394447079359660894719&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1957&dpuuid=18F11E944221691136BC0C7843AA688F

Request Chain 63

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCTVkza0Zzcg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 65

• https://usermatch.krxd.net/um/v2?partner=adobe&id=66363414231238772394447079359660894719 HTTP 302
• https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66363414231238772394447079359660894719

Request Chain 66

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkNfVWV3QUFBSjZqUUFPWQ==

Request Chain 67

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZC_UewAAAJ6jQAOY&expires=90

Request Chain 68

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZC_UewAAAJ6jQAOY HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZC_UewAAAJ6jQAOY&C=1

Request Chain 69

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=ZC_UewAAAJ6jQAOY HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZC_UewAAAJ6jQAOY

Request Chain 70

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZC_UewAAAJ6jQAOY

Request Chain 71

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZC_UewAAAJ6jQAOY

Request Chain 72

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZC_UewAAAJ6jQAOY&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZC_UewAAAJ6jQAOY&img=1&__user_check__=1&sync_id=35e4e0ec-d4f8-11ed-8034-180e33a50406

Request Chain 73

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZC_UewAAAJ6jQAOY&t=2592000&o=0

Request Chain 74

• https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
• https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
• https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAD9Yk7IXykAACMmF1r3xw?gdpr=0

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.citim.org/	110 KB 18 KB	705ms 667ms	Document text/html	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02a9e5f29ff0307367784374cab4d264675cc9423652aa4c2ab8a4cb96e75d47 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 7b3f579afc555c56-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 07 Apr 2023 03:56:42 GMT expires Wed, 17 Aug 2005 00:00:00 GMT last-modified Fri, 07 Apr 2023 03:56:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb819CiPXT8z0ZcRSi%2BBpXPzX6aYJr9jmnathzBV6Lrlk0PSkF4YMYpfm8%2F5O2Gfian2mI2zA%2FdY%2B1rFe4qOhF0nvJM36Pde4UQCIt47onfPpzYHDzLvuP%2FXm4wohmFdq%2FhqNEPGYw1tIOmj"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-powered-by K2 v2.11 (by JoomlaWorks) x-logged-in False
GET H2	200	css-e256d-64637.css www.citim.org/t3-assets/css/	133 KB 21 KB	34ms 28ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/css/css-e256d-64637.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a698618a6f27aa6bf22baf8d0ab156340cda7a8f68509812aafb773441c8351 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Fri, 31 Dec 2021 15:39:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJKlyMGiQe5P7K4p0VqCFQE1i6PnriNZWGPHnlmE6sQX1QGaIj5O8D1ILDq6agdGx3nVsYJoN7KxaOQm9%2FKHspU9C3zw24lhNghG6PoliV%2BKtHBZrgaTOds3qbE2L4a%2FaFKJu1CJgqJSm4UH"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f3fc45c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	simple-line-icons.min.css cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/	11 KB 3 KB	45ms 16ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2163935 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2041 last-modified Mon, 04 May 2020 16:16:18 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd2-2af4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XiF3%2B0OemY7CI3vakY0ym2ZWBZhZGyTpsM8pyBZTOlMHKSB6RXKK7ECQlC51kh%2F5bgoY199nGgjW8s0lQUCdynT3WJH8B7p4FFtITdsWuGW1ZXTSZXsp3%2FzgmjO%2FuMxgfIoCGHk5xTNGCHfCAJaON8%2B"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7b3f579f59779b5d-FRA expires Wed, 27 Mar 2024 03:56:42 GMT
GET H2	200	css-358fb-64637.css www.citim.org/t3-assets/css/	64 KB 13 KB	37ms 31ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/css/css-358fb-64637.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 065d0ea18b58f989cbf5650a847b42161b3dcf504a27d6507c9f44cc06f9c5b0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Fri, 31 Dec 2021 15:39:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43Bytp76TYNKOU%2BWqugrc4nJ9Ji80AYeKGLuHGMVV6aVB0ld7k0HuteAuAtL9W4XmUGHX4536sW1AVY%2FYuNbsg8ey1PwgDA2x0lFxsnLA79kNtsuegQx2jNBwwKgt5ODA%2Fy%2FlfXBTA%2F%2FQyEL"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f3fc55c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	css-670b5-23551.css www.citim.org/t3-assets/css/	215 KB 30 KB	26ms 20ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/css/css-670b5-23551.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cb2f7cefeb3610ec812993b82074b5a97a0c1cb979b557e37dbf44e17981e59 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Fri, 16 Dec 2022 22:52:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLzJ3ISuf2nfjaJrKgrBB1oo4aDokrl6fYP0c%2FoKSXbdwtYEaeFuIxAtqpTB4tiihxhEFh1EsIhfvbqUoJfat99mxCF2%2F1AiShFYUKWnCCtcypnClCpuPJK2Vcw6M6SWbFwEk3IDBKG8w8Cm"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f3fc65c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	css-506de-90516.css www.citim.org/t3-assets/css/	294 KB 45 KB	36ms 30ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/css/css-506de-90516.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a860b50e79dfa32e5ac9e58493f18bc2a5bfe1f614558014fe61317b94ef030 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:14:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21510 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BziwZvWCVJbhhGc5cW1pGzOkzjtjdyuH3BGscSmk%2BvAP15KObgRj7CViq9uVMQlu03XLKGdMpBtjxdQk87h2mWY1%2BNx5R95pXVFQZXg0IWlbOOMSAFEqyH7UvpkqAUdfZjsLWKXk2VCQFrRO"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f3fc85c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:12 GMT
GET H2	200	css-206b3-64637.css www.citim.org/t3-assets/css/	174 KB 26 KB	30ms 24ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/css/css-206b3-64637.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ea97a1eb260c1f93f81bb6f86d52530658a4f4d4f44b74cb6495100fc13e99c Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Fri, 31 Dec 2021 15:39:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oCjDZKycaT65KuYR9UUN8zQBpG%2BdnyCXLYg9201CeR76dZBDCop%2FU6b67kZUYKfm1QGOZS0YcO6J4vnhAQ0fiITKIkXsPkcyzPEiUu8hVjvgsl%2BAUpOlQitDIQ9aavnY4SsSkuHdbxm8ePK"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f3fc95c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	css fonts.googleapis.com/	13 KB 1 KB	66ms 20ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0842843d1561f03fb7029eee70ecebdd203acb8c9679c1cbeb6b889bf53fe89d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 07 Apr 2023 03:56:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 07 Apr 2023 02:36:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 07 Apr 2023 03:56:42 GMT
GET H2	200	css fonts.googleapis.com/	400 B 395 B	74ms 28ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Shadows+Into+Light Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9af41edb4bd66c7927a9940ec262e77c12e61c367db09240790b1c3e8c7f4f36 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 07 Apr 2023 03:56:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 07 Apr 2023 02:46:04 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 07 Apr 2023 03:56:42 GMT
GET H2	200	css fonts.googleapis.com/	1 KB 498 B	75ms 29ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Great+Vibes Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d44e6888ba7cf7f3a6c4015c8887354cd88d7ea0c7036b3c143bc0e1c9555d92 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 07 Apr 2023 03:56:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 07 Apr 2023 03:32:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 07 Apr 2023 03:56:42 GMT
GET H2	200	css-153b2-61807.css www.citim.org/t3-assets/css/	58 KB 8 KB	32ms 27ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/css/css-153b2-61807.css Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9b2b5650012895252c36164844f92c37925e99f5c6a2463c923777dd98cf7b4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Sep 2022 19:50:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Iiqd18P%2FW9fU6c%2FPrpnGzuvrYAo%2FbP4kSgPMeeC8vLUwMd%2BAnjwfw93U9dFndwUTSH5YAdJDBOvUa4lF4s%2F6YEbAINQi%2BT3pqySljlSht3fBhR6RY%2F28Mq34%2B8zbh67ZhQakqSZUXJpF%2BHN"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f3fca5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	js-5c1d2-90516.js Show response www.citim.org/t3-assets/js/	106 KB 38 KB	34ms 29ms	Script application/javascript	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/js/js-5c1d2-90516.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a342aa3d98fab8cedb43d3fa9fb2a03f95033aa93b899ce7a4a218b07e1329cf Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Aug 2022 13:14:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYAgJoG8gMwsohtz%2FAjupEH%2F1aCtlicqrNzrWR%2BwyuhawRIc8PaD8TrZvAuzxe%2BMYX6G148LFwGDB4%2BrOkc58KxnfpK%2BfywN%2F%2B1IwGV1aOhZU3iAPUYLIs2kM%2FsYqcCTN9KW%2FqXgDqezUsoH"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000, public cf-ray 7b3f579f3fcc5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	k2.frontend.js Show response www.citim.org/media/k2/assets/js/	11 KB 3 KB	22ms 17ms	Script application/javascript	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/media/k2/assets/js/k2.frontend.js?v=2.11&b=20230112&sitepath=/ Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6b0db943f618ecd49414b53cfe6774f0e89c93477798f8f56471c8a43cf414b Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Tue, 17 Jan 2023 14:10:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jiBJO70UZbKqJ99wtDTRrBqejWyC1NQX82pg%2B5zT%2Bjn9w8pvf%2FmRVp2rrUs1S%2FDR09Kb%2Bj5gKKz%2B3G%2BfCli8DzCyKoy%2FZa40a4TEUlZYuG24fXHqAVUlxW5Why0dA%2BroHbX6xYWWTXup1vm"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000, public cf-ray 7b3f579f3fcd5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	js-e508e-64637.js Show response www.citim.org/t3-assets/js/	188 KB 45 KB	34ms 29ms	Script application/javascript	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/js/js-e508e-64637.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fe75299aabe8a15e0acb2f8ffd5481f3f1183c4b2715a0d1c797bd9e6646fe4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Fri, 03 Feb 2023 19:03:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21510 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhhho1nwrR2SLLzM3bTKtLILZsfuJbflq1n5PpDzGzMmhnv0kZpqjqCPFT7lhiLq8mXMIMa5%2B4u%2FKn1xgii6W7Fz0z7y7dy7onBXqULGH3POHDJ0BWRJZtWJka5EE%2FZ4JJYJ5YDL9GS3XNQr"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000, public cf-ray 7b3f579f3fce5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:12 GMT
GET H2	200	jcemediabox.min.js Show response www.citim.org/plugins/system/jcemediabox/js/	54 KB 17 KB	22ms 18ms	Script application/javascript	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/plugins/system/jcemediabox/js/jcemediabox.min.js?d67233ea942db0e502a9d3ca48545fb9 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af61cf01ef9c0db33197363a0aaa3f1726dcf18baf100974b2e1501031ab7ee5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Mon, 03 Jan 2022 15:25:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5MiI3T6aEAeIp1i0GgNfKAXkdkGWBotVPBTSyV06BE%2BJfQNvLDs2yVyZT117Uj8cDn4DVuAE4sKWzBzCYy9CYc1F6WUreATwiQo0%2BQdVZFTHXS4RdwfzgWWa9JRxojV51mGJdAg9l%2FjIusw"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000, public cf-ray 7b3f579f3fcf5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	js-c4c43-54544.js Show response www.citim.org/t3-assets/js/	401 KB 116 KB	38ms 33ms	Script application/javascript	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/t3-assets/js/js-c4c43-54544.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfe47ea2e9f104287d62b685a1d720b703a577d1568d1011941825ae73045f6b Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Sat, 17 Dec 2022 05:23:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21511 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx64WpbWV035RV8mw%2FSms6XIW931a3cjRktqSHF6glEY2chxnRmDWHl50a3jiNa5oda6XjOJTq3spFhngk5NepON%2FdstOesNyFONijZxZb%2Fvcm3fwBabyhffHsIM3ubgPBt4OpQaDtmsMxm3"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000, public cf-ray 7b3f579f3fd45c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:11 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	113 KB 44 KB	65ms 30ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9721889 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1510e160b1e77cfbdbe5429f3388faf3dae13a408405530853558e8d1bb4970e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45067 x-xss-protection 0 last-modified Fri, 07 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 07 Apr 2023 03:56:43 GMT
GET H/1.1	200 OK	VisitorAPI.js Show response www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/	26 KB 11 KB	295ms 97ms	Script application/javascript	104.109.66.27 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.66.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-66-27.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9c7808f8e99aabb6e8f7295faf5e96fcb7386052fa4a7ffe7d7400479d811859 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.bnc.ca *.nbc.ca; Strict-Transport-Security max-age=63072000; X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; Content-Security-Policy frame-ancestors 'self' *.bnc.ca *.nbc.ca; X-Content-Type-Options nosniff Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Fri, 07 Apr 2023 03:33:12 GMT Server Apache Content-Encoding gzip ETag "69aa-5f8b6af4cce44-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 10596
GET H/1.1	200 OK	AppMeasurement.js Show response www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/	57 KB 18 KB	327ms 129ms	Script application/javascript	104.109.66.27 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/AppMeasurement.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.66.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-66-27.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d12a0d30f346e809bdceea8650532c61412880392c78634330350133ca69b58b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.bnc.ca *.nbc.ca; Strict-Transport-Security max-age=63072000; X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; Content-Security-Policy frame-ancestors 'self' *.bnc.ca *.nbc.ca; X-Content-Type-Options nosniff Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Fri, 07 Apr 2023 03:31:35 GMT Server Apache Content-Encoding gzip ETag "e361-5f8b6a986f44a-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 18225
GET H2	200	Logo-CITIM-Clef-Integration-au-travail-des-immigrants-Montreal-Quebec.png www.citim.org/images/s-images/logos/	4 KB 4 KB	298ms 294ms	Image image/png	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/s-images/logos/Logo-CITIM-Clef-Integration-au-travail-des-immigrants-Montreal-Quebec.png Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d1e73d111ffee12e2b278d546f65f27b35340c1da31cbb56cc3b479f2c55f70 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Fri, 31 Dec 2021 15:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ%2FEzRkZlC4TZsyIZ0pp2U23XBR6xgGxhSsyQD8Qv7%2FF8sf5Y78OfeE5pjqHEnwc2ldDnm2PkgqeYJkqlDslltjo%2FpoDTP%2FFt03ItGGFnOjuCGYuV9uNNN%2BtXcVK%2FBT8pQbLYtNJpFL5CEjF"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a1595e5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3991 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	Banniere_WEB_Anglais.jpg www.citim.org/images/2022/	176 KB 176 KB	489ms 485ms	Image image/jpeg	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2022/Banniere_WEB_Anglais.jpg Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 673cb737cf61180fcd6d47c746c27f0e4fd497a0f14c776480862c3e082e7c84 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Mon, 07 Feb 2022 16:30:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0usUoK4odWL4ZLUuwiwNKKyAjyBBW3aeOYNsuYG4fTW7LRhK6z0ehTRhRkMf0prhPzcGnjWtvjz3sUWKONBWrgJzgpk1eyiMdLW61DgHrA%2BYIcWQKSNSyVjAnAqX2gN85cXV7k2RUK6HWO2r"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a1595f5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 179899 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	Banniere_WEB_OI.jpg www.citim.org/images/2022/	241 KB 242 KB	468ms 464ms	Image image/jpeg	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2022/Banniere_WEB_OI.jpg Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c80f9c024aafc10a811aeef1953cf2354e7b12c240deb950592affb508269aa Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Mon, 31 Jan 2022 20:28:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maP4dYBtbZSXz3rxSkM8IzPR1niY%2FPiaLo1jPHmOBBuA1A1KXlWi8gz3jtqi0sUsbHBH76Hx13WsCK6fO3JC7H5efovW4cs5TbGd9s4QOE7vPENCl1tBS%2FJHoJwQ8I7dE5SpyNmQMk1Bi4Q5"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a159605c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 246899 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	Banniere_WEB_Offres.jpg www.citim.org/images/2022/	190 KB 191 KB	472ms 468ms	Image image/jpeg	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2022/Banniere_WEB_Offres.jpg Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a5ae1a49e08196331db4ebd9ab80c320db8cc4ba952fcd63ade77c37b4631c4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Mon, 31 Jan 2022 20:39:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaBqSE33NlEPPmyGvHWwo6Wrd2jqmrJmoJLICRhIdHetFo%2F0AFy57A4Ey%2FgXZO2%2BzpTIBPzrD55S7MZgySixyTHRU6OUwjx01B2Z0e%2BQkAEJBOb29GS8LjNryKzsBtJ9o0iqtLxvKi6VfKFt"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a159615c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 195058 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	Banniere_WEB_Berri20.png www.citim.org/images/2022/	386 KB 387 KB	452ms 449ms	Image image/png	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2022/Banniere_WEB_Berri20.png Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48f710f3ba5d0af7b550f61a3b43e857543843444fdad8f88de688b24fdd9f61 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Thu, 01 Sep 2022 19:19:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=603OGiHnsZOWtyElQ0eg%2Fy5zjY9KAOm3VpoYLqN9Y6ykejEAJ%2BEx2c0AgQma0BPbLpM%2F%2FVbpjgmS1vBnfcSj0QYIlPIRueIy1aDpZpMQcWfB38dPQ3zfsCUxDaoR3mWO%2FET2GgRE9zLAX4yD"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a159625c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 395228 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	system.css www.citim.org/media/system/css/	1 KB 843 B	18ms 17ms	Stylesheet text/css	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/media/system/css/system.css Requested by Host: www.citim.org URL: https://www.citim.org/t3-assets/css/css-506de-90516.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f26ecfc3fa7e6ee6de449aa3a121e113a05d64f2d0e7c379a9c2373451069ef Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/t3-assets/css/css-506de-90516.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:42 GMT content-encoding br cf-cache-status HIT last-modified Sun, 14 Aug 2022 15:21:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21509 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXbF%2BUP1odzEvi64MFJA6t1mfw40NsjdCMvSqPLPAYxZMEbM27%2FggGLr3YBdf7K39TM1hK4VvBO05GVMT8ga3nu1xmT5CrQyz81p%2BuJVgmqskX4frhEu9ng1izJ31SGuXLE22VB9rXGgIaUH"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 7b3f579f980c5c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:13 GMT
GET H2	200	carrousel--page-daccueil.png www.citim.org/images/2023/03/03/	441 KB 442 KB	479ms 476ms	Image image/png	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2023/03/03/carrousel--page-daccueil.png Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 151c816d8b3908d216fdb21760ebb0132f3d2f0ba5ad73ff656a91e45d6895f5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Fri, 03 Mar 2023 17:43:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5%2FaI74eZC004480uLWu%2FXf221dxwDAisHE2GnSVXvq2MrUH6%2BZRt3S0DdMsKv6IsNYVGfXW4DAaAHCbP7iHsUxSU4EGZTipgC7vBywfb7rMw6up6%2FkXJirgxgM8jsDiladEX3CCFAqwl3AR"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a159635c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 451564 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	email-decode.min.js Show response www.citim.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	9ms 9ms	Script application/javascript	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 04 Apr 2023 10:03:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"642bf60d-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89GZumHT4ahtXmWLCdJIEyPNjmU1vQbld7C%2F%2BjkSjLP2hpuPfY1BTiM0JxJ3LRkrIl1MZpKOY0sM4m8oe9ndbx%2FUImckoN5P4GZuRIvHPmNyCnytS6JsYHvgdy2KHZljz1NKcQitlySzqWzZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7b3f57a119205c56-FRA expires Sun, 09 Apr 2023 03:56:43 GMT
GET H2	200	promo-banque-nationale.jpg www.citim.org/images/2021/12/31/	126 KB 126 KB	459ms 456ms	Image image/jpeg	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2021/12/31/promo-banque-nationale.jpg Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9988fdc0f2712ff26f02c8a5a08f4031e04f65e48aaf4905a04285bc6074a008 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Fri, 31 Dec 2021 23:07:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4jz8pBjNGdF1pTGmGjdHk8Pc1YLo9y78%2FV0VGuoVYX1WLK2KxmeZ0%2F9PeG93IDF6Tbt6VCKIOdBjZRQjhkxj3iHvcaNPa%2Fd80ezyEuHw15XjV%2B3obAPT48MjsmHBT4LMxSkqr5nXUuIhJpx"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a159645c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 129048 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	voir-plus-loin-integration-immigrants-citim-emploi-montreal-quebec.png www.citim.org/images/2017/04/26/	19 KB 20 KB	383ms 380ms	Image image/png	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/images/2017/04/26/voir-plus-loin-integration-immigrants-citim-emploi-montreal-quebec.png Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ea31b66f425be976e904d5feb1148eda5da590432e072f975d7fc40b14bf3c8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Fri, 31 Dec 2021 15:30:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bw9rJyQLyalc99pNHvWDO80gW3Crm24SH0JUuSMFM4si21qu%2FORn850obS12%2Fzb%2F%2F1pXrUu3Rv5OrVl8EehNzkYnv7ekkIHDJZr39G%2BeddnLQpQZaxsVxZtZUcRePvcY7tWz8IJMRFok%2Fr40"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a159655c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19895 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	353 KB 114 KB	148ms 10ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip date Fri, 07 Apr 2023 03:56:43 GMT last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag "5f971164-5834c" vary Accept-Encoding x-distribution 99 content-type application/javascript cache-control public, max-age=600 x-host s7.addthis.com content-length 116328
GET H2	200	21203917.js Show response js-na1.hs-scripts.com/	978 B 813 B	173ms 133ms	Script application/javascript	2606:4700::6812:863b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js-na1.hs-scripts.com/21203917.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96c4c76821338bf642b387b82097d9209e3aaf8398096227cf80026a590dfa42 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 07 Apr 2023 00:08:27 GMT server cloudflare x-hubspot-correlation-id 496d9fcf-8e67-4090-b996-96e88f27c1c4 x-trace 2B5DE86BF886CE3A7EAC5CC7D4E06B7D8E0D88AA87000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.citim.org cache-control public, max-age=30 access-control-allow-credentials true cf-ray 7b3f57a18e295b2c-FRA
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	31ms 7ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.citim.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 10:31:04 GMT x-content-type-options nosniff age 235538 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Apr 2024 10:31:04 GMT
GET H/1.1	200 OK	id Show response dpm.demdex.net/	4 KB 2 KB	193ms 33ms	XHR application/json	34.247.212.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1E24776A524450D90A490D44%40AdobeOrg&d_nsid=0&ts=1680839803086 Requested by Host: www.bnc.ca URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.212.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-212-232.eu-west-1.compute.amazonaws.com Software / Resource Hash 2bded979e11d724698d2e08d1d276b3f80659ae8c7e1310aa92022c617fc20cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.citim.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-2-v046-0f71a5189.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID Oh8hpY9QThs= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.citim.org Content-Type application/json;charset=utf-8 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1306 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	gtm.js Show response www.googletagmanager.com/	128 KB 49 KB	45ms 21ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M48L2TX Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 27e23263313f98e9262c08e527e2df359d7c7b19175392bc2e3e9b607ae091a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50102 x-xss-protection 0 last-modified Fri, 07 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 07 Apr 2023 03:56:43 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	31ms 7ms	Script text/javascript	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 07 Apr 2023 02:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 6691 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Fri, 07 Apr 2023 04:05:12 GMT
GET H2	200	fontawesome-webfont.woff2 www.citim.org/templates/porto/fonts/font-awesome/fonts/	65 KB 65 KB	15ms 15ms	Font font/woff2	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/templates/porto/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0 Requested by Host: www.citim.org URL: https://www.citim.org/t3-assets/css/css-206b3-64637.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 Request headers Referer https://www.citim.org/t3-assets/css/css-206b3-64637.css Origin https://www.citim.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status HIT last-modified Fri, 31 Dec 2021 15:30:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21509 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLZooXe36QxSuVVA0PyRmrFjF%2FoTI%2B7xp0vfSB3FlEocIZpcb30LXIePjwh%2BDjuFtg1h8H%2ByKAbEs64EZUI0LkYsou%2BxjpB53Q%2FCvryIZG12AeDcQuEZdpke%2Bns0ZyQoXgVfjv0xy60cNZUl"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=31536000, public cf-ray 7b3f57a159665c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:13 GMT
GET H2	200	UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2 fonts.gstatic.com/s/shadowsintolight/v15/	16 KB 16 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Shadows+Into+Light Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.citim.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 10:43:14 GMT x-content-type-options nosniff age 234809 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16296 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:55:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Apr 2024 10:43:14 GMT
GET H2	200	logo-footer.png www.citim.org/templates/porto/images/joomlabuff/	18 KB 19 KB	375ms 374ms	Image image/png	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/templates/porto/images/joomlabuff/logo-footer.png Requested by Host: www.citim.org URL: https://www.citim.org/t3-assets/css/css-506de-90516.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0bd16d841f25830c713b7e349d90b12cc9e27a827e0b98d710e59de332f4812 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/t3-assets/css/css-506de-90516.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Fri, 31 Dec 2021 15:30:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y5n0SSBKyhP9yzhkhykRONqj%2FU2O0vMcu4GRYmscDaHH5IpX53UVdPUBFo0KwG3CdyKNIsrtVRKL2s51aIrRnm2gkSyHGXn7KuskGNPuujC0ng6gSl41%2F0s66nfjd1Yzm6a7g%2B2cMsDJuwo"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a23a095c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18770 expires Sat, 06 Apr 2024 03:56:43 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 208 B	15ms 14ms	XHR text/plain	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1597200545&t=pageview&_s=1&dl=https%3A%2F%2Fwww.citim.org%2F&ul=en-us&de=UTF-8&dt=Immigrer%20au%20Canada%20%3A%20Votre%20service%20d%27aide%20%C3%A0%20l%27emploi%20%C3%A0%20Montr%C3%A9al%20-%20CITIM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=969042091&gjid=64888522&cid=1038363615.1680839803&tid=UA-100225561-1&_gid=870099474.1680839803&_r=1&_slc=1&z=2104068015 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.citim.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.citim.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	46ms 7ms	Script application/x-javascript	2.19.229.113 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.229.113 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-229-113.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers unused62 8096267 date Fri, 07 Apr 2023 03:56:43 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id D5503D14AA2F06AA etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript cache-control max-age=54921 accept-ranges bytes content-length 948 x-amz-id-2 JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	30ms 9ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 07 Apr 2023 03:56:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27909 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug m4WxxtlJ1aOxgM7ApFhCwsvu5P5giFjWMdJoozvwaWPF9HaxCK0Kp0iCoAFsCsYzwAi1MYBLpk7QB8DF9lsaRg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 345 B	104ms 34ms	XHR text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-100225561-1&cid=1038363615.1680839803&jid=969042091&gjid=64888522&_gid=870099474.1680839803&_u=IEBAAEAAAAAAACAAI~&z=1533853634 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.citim.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 07 Apr 2023 03:56:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.citim.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dest5.html Show response nationalbankofcanada.demdex.net/ Frame 4B3E	7 KB 3 KB	162ms 34ms	Document text/html	52.16.141.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=undefined Requested by Host: www.bnc.ca URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.16.141.94 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-141-94.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.citim.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-2-v046-070ee2004.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID qotLoCZ4Sek= content-encoding gzip date Fri, 7 Apr 2023 03:56:43 GMT last-modified Wed, 8 Feb 2023 11:53:45 GMT vary accept-encoding
GET H2	200	id Show response nationalbankofcanada.d2.sc.omtrdc.net/	2 B 266 B	82ms 22ms	XHR application/x-javascript	15.236.117.205 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nationalbankofcanada.d2.sc.omtrdc.net/id?d_visid_ver=1.10.0&d_fieldgroup=A&mcorgid=1E24776A524450D90A490D44%40AdobeOrg&mid=61962791764442492353770547890738520091&ts=1680839803329 Requested by Host: www.bnc.ca URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-236-117-205.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.citim.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 07 Apr 2023 03:56:43 GMT x-content-type-options nosniff server jag vary Origin content-type application/x-javascript;charset=utf-8 access-control-allow-origin https://www.citim.org p3p CP="This is not a P3P policy" cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=ZC_UewAAAJ6jQAOY dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=66363414231238772394447079359660894719 https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZC_UewAAAJ6jQAOY	42 B 942 B	42ms 32ms	Image image/gif	34.247.212.232 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZC_UewAAAJ6jQAOY Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 34.247.212.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-212-232.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v046-0b57eb040.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID GNyBe7CiTAQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZC_UewAAAJ6jQAOY Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	coloredbg.png www.citim.org/media/com_uniterevolution2/assets/rs-plugin/assets/	184 B 489 B	294ms 293ms	Image image/png	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.citim.org/media/com_uniterevolution2/assets/rs-plugin/assets/coloredbg.png Requested by Host: www.citim.org URL: https://www.citim.org/t3-assets/css/css-153b2-61807.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef2284224ce3426c26d4caa902989107ba3200dbd24d4ace60ccb2bad033f000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/t3-assets/css/css-153b2-61807.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status MISS last-modified Fri, 31 Dec 2021 15:30:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q06e7kXl%2BrbNExwz0fIh%2B7vZ4%2FO2dlHth4Dornj21FMcUaYkMhiEVLGm8wiLInQKC0UjXIpN9w1GXnk8ETK7OwPsYivQNd%2BSdcvNSXjMStM6WtaBDNb9ZsqCSEMQfEBlhn4fY7qFKVcxKZ9%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000, public accept-ranges bytes cf-ray 7b3f57a31ac75c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 184 expires Sat, 06 Apr 2024 03:56:43 GMT
GET H2	200	revicons.woff www.citim.org/media/com_uniterevolution2/assets/rs-plugin/font/	7 KB 8 KB	14ms 13ms	Font font/woff	2606:4700:3032::6815:2483 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.citim.org/media/com_uniterevolution2/assets/rs-plugin/font/revicons.woff?5510888 Requested by Host: www.citim.org URL: https://www.citim.org/t3-assets/css/css-153b2-61807.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:2483 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686 Request headers Referer https://www.citim.org/t3-assets/css/css-153b2-61807.css Origin https://www.citim.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT cf-cache-status HIT last-modified Fri, 31 Dec 2021 15:30:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 21509 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIymVHwTjATMOdQBplQtkAn3NvOi6mWY3deSo3Y3F1qFP8WTVw4p9uYiZOFVebdRJDwh8GGxnT8wMQPPr4iKp53Iz8gkesqWB6b80sV22GKHMlvHidHYlFBHRUOg9P0%2FSNbdDTALMMdbUP0F"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=31536000, public cf-ray 7b3f57a32ad35c56-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 05 Apr 2024 21:58:14 GMT
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/ra-59bfda10c34995ac/	2 KB 834 B	256ms 44ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/ra-59bfda10c34995ac/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software / Resource Hash 0e89eb1aa93f786ae263729d582eacb1361ddf5613969fb5b2bcdb4a2bfae908 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT content-encoding gzip etag 477512735--gzip vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control public, max-age=20, s-maxage=86400 content-disposition attachment; filename=1.txt content-length 659
GET H2	200	300lo.json Show response m.addthis.com/live/red_lojson/	90 B 250 B	506ms 174ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://m.addthis.com/live/red_lojson/300lo.json?si=642f947b2d71ba00&bkl=0&bl=1&pdt=803&sid=642f947b2d71ba00&pub=ra-59bfda10c34995ac&rev=v8.28.8-wp&ln=fr&pc=men&cb=0&ab=-&dp=www.citim.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Immigrer%20au%20Canada%2CNouveaux%20arrivants%2CEmploi%2CR%C3%A9sidents%20permanents%2CPVT%2CIng%C3%A9nieurs%2CMontr%C3%A9al%2CCanada&colc=1680839803399&jsl=1&uvs=642f947b5dccedb6000&skipb=1&callback=addthis.cbs.jsonp__068024726372599930 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software / Resource Hash 22fa92f47e403410ab06b5547ab288d8edc3e6d9660cfaafc94f4593ea605fdc Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT cache-control max-age=0, no-cache, no-store, no-transform content-disposition attachment; filename=1.txt content-length 90 content-type application/javascript;charset=utf-8
GET		sh.f48a1a04fe8dbf021b4cda1d.html s7.addthis.com/static/ Frame AB3F	0 0
GET H2	200	sh.f48a1a04fe8dbf021b4cda1d.html Show response s7.addthis.com/static/ Frame B4D3	71 KB 26 KB	11ms 10ms	Document text/html	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.citim.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=86313600 content-encoding gzip content-length 26421 content-type text/html date Fri, 07 Apr 2023 03:56:43 GMT etag W/"5f971164-11adc" last-modified Mon, 26 Oct 2020 18:11:48 GMT p3p CP="NON ADM OUR DEV IND COM STA" server nginx/1.15.8 strict-transport-security max-age=15724800; includeSubDomains timing-allow-origin * vary Accept-Encoding x-host s7.addthis.com
GET H2	200	client.fr.min.json Show response s7.addthis.com/l10n/	4 KB 2 KB	39ms 10ms	XHR application/json	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/l10n/client.fr.min.json Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash a362f69b2d3a4c7524c423ce51bcee34a234354552e150be760bd91be2f0084b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip date Fri, 07 Apr 2023 03:56:43 GMT last-modified Tue, 10 Sep 2019 15:15:17 GMT server nginx/1.15.8 etag W/"5d77be05-fb9" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, s-maxage=604800 x-host s7.addthis.com timing-allow-origin * content-length 1924
GET H2	200	21203917.js Show response js.hs-analytics.net/analytics/1680839700000/	65 KB 20 KB	185ms 153ms	Script text/javascript	2606:4700::6810:89ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1680839700000/21203917.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/21203917.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6b9032dd48c347e34d1ae343496b6fa00dfe7f44d414ca26be79483ba7e9e85 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id HY3VPRM9130H69RF x-amz-server-side-encryption AES256 x-amz-id-2 E2vOlFLSXFUDC4b2rncE8TDXnLMTursF2T3V7dPblgUsV6cRJv58UzzM2nZLCDca6LB04UKNMik= last-modified Thu, 23 Mar 2023 17:19:31 GMT server cloudflare etag W/"cb90df5bdbb024e32c72c9c5c6f38d6a" vary origin, Accept-Encoding content-type text/javascript cache-control max-age=300, public access-control-allow-credentials false cf-ray 7b3f57a38bf09b51-FRA expires Fri, 07 Apr 2023 04:01:43 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/21203917/	208 KB 64 KB	428ms 386ms	Script text/javascript	2606:4700::6812:19c4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/21203917/banner.js Requested by Host: js-na1.hs-scripts.com URL: https://js-na1.hs-scripts.com/21203917.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fd2f0c1c5ab213919756f8385b6964ec354cfefb19e2da16eef632aa3e862ea Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:43 GMT x-amz-version-id OnBrmidG3aqI7W5yDB1lFpCUdtPKbOIv content-encoding br cf-cache-status REVALIDATED x-amz-request-id AD0N7ZCDBJS0J6JG x-amz-server-side-encryption AES256 x-amz-id-2 MuQd2VPTtq/DDoU1ftmWJnTI9R8Ao7f+N/+jECO4lfyrDhldE48/gr77ZLD/pK/Xn9V6HUBD39M= last-modified Fri, 10 Mar 2023 19:15:55 GMT server cloudflare etag W/"d46d3853e52d823c412933a6a7cf4a9e" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://citim.org access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 7b3f57a39bf7373c-FRA expires Fri, 07 Apr 2023 04:01:43 GMT
GET H2	200	s35753465374373 nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcapartner-sites/1/JS-1.7.0/	43 B 201 B	23ms 22ms	Image image/gif	15.236.117.205 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcapartner-sites/1/JS-1.7.0/s35753465374373?AQB=1&ndh=1&pf=1&t=7%2F3%2F2023%203%3A56%3A43%205%200&mid=61962791764442492353770547890738520091&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fwww.citim.org%2F&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c11=11%3A30pm&v11=D%3Dc11&c12=thursday&v12=D%3Dc12&v70=citim.org&c75=61962791764442492353770547890738520091&v75=61962791764442492353770547890738520091&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-236-117-205.eu-west-3.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT x-content-type-options nosniff last-modified Sat, 08 Apr 2023 03:56:43 GMT server jag etag 3609575992033542144-4619808424442131530 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Thu, 06 Apr 2023 03:56:43 GMT
GET H2	200	1016499885619496 Show response connect.facebook.net/signals/config/	377 KB 108 KB	75ms 74ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1016499885619496?v=2.9.100&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a70f4fc536988955cd9fdcd3e65659a290dda2847211242f8619d4aec73fda06 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 07 Apr 2023 03:56:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug AtCdQif9KMAKFFp0jpGAXwcf/104k6fBjUKE0J6M93SumpMCS0NozS54MV5hCVkNA1/vfp2qAAQZOvx9xDH1dg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=771&dpuuid=CAESEAu7h0ngXXnmC5DjQZYvsUI&google_cver=1 dpm.demdex.net/ Frame 4B3E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYzNjM0MTQyMzEyMzg3NzIzOTQ0NDcwNzkzNTk2NjA4OTQ3MTk= https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjYzNjM0MTQyMzEyMzg3NzIzOTQ0NDcwNzkzNTk2NjA4OTQ3MTk=&google_tc= https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAu7h0ngXXnmC5DjQZYvsUI&google_cver=1?gdpr=0&gdpr_consent=	42 B 942 B	33ms 33ms	Image image/gif	34.247.212.232 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAu7h0ngXXnmC5DjQZYvsUI&google_cver=1?gdpr=0&gdpr_consent= Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 34.247.212.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-212-232.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v046-0138048db.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID CSbZL/+TTV4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAu7h0ngXXnmC5DjQZYvsUI&google_cver=1?gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 4B3E Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFBZnlycUhJTA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEG7dmPkMhgsPLlRWJ6D2KGI&google_cver=1 https://pixel.everesttech.net/1x1	128 B 796 B	30ms 29ms	Image image/png	54.78.156.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 54.78.156.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-156-59.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 4B3E Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCTFdnNGdJNw&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEG... https://pixel.everesttech.net/1x1	128 B 691 B	30ms 29ms	Image image/png	54.78.156.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 54.78.156.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-156-59.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 4B3E Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWZ3QUFBTDNoQEgwTw&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26... https://pixel.everesttech.net/1x1	128 B 691 B	32ms 29ms	Image image/png	54.78.156.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 54.78.156.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-156-59.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "36b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	/ www.facebook.com/tr/	0 185 B	27ms 8ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1016499885619496&ev=PageView&dl=https%3A%2F%2Fwww.citim.org%2F&rl=&if=false&ts=1680839803591&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680839803590.283450336&it=1680839803483&coo=false&rqm=GET Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 07 Apr 2023 03:56:43 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 4B3E Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCY3RkRjNJSw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2... https://pixel.everesttech.net/1x1	128 B 691 B	35ms 31ms	Image image/png	54.78.156.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 54.78.156.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-156-59.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "36b516-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 4B3E Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCU1l6aXlXTg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb... https://pixel.everesttech.net/1x1	128 B 691 B	36ms 32ms	Image image/png	54.78.156.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 54.78.156.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-156-59.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	ibs:dpid=1957&dpuuid=18F11E944221691136BC0C7843AA688F dpm.demdex.net/ Frame 4B3E Redirect Chain https://c.bing.com/c.gif?uid=66363414231238772394447079359660894719&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1957&dpuuid=18F11E944221691136BC0C7843AA688F	42 B 942 B	32ms 32ms	Image image/gif	34.247.212.232 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1957&dpuuid=18F11E944221691136BC0C7843AA688F Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 34.247.212.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-212-232.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v046-06ab52116.edge-irl1.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID JTaamtI2Tmw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 647D328239BA4D13B3B7178BB4837B93 Ref B: FRA31EDGE0213 Ref C: 2023-04-07T03:56:43Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://dpm.demdex.net/ibs:dpid=1957&dpuuid=18F11E944221691136BC0C7843AA688F cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 4B3E Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkNAVWV3QUFCTVkza0Zzcg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_... https://pixel.everesttech.net/1x1	128 B 691 B	35ms 33ms	Image image/png	54.78.156.59 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 54.78.156.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-156-59.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "36b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Fri, 07 Apr 2023 03:56:43 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	layers.fa6cd1947ce26e890d3d.js Show response s7.addthis.com/static/	263 KB 76 KB	12ms 12ms	Script application/javascript	23.206.208.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-208-114.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip date Fri, 07 Apr 2023 03:56:43 GMT last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-41cf5" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 x-host s7.addthis.com timing-allow-origin * content-length 77617
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 4B3E Redirect Chain https://usermatch.krxd.net/um/v2?partner=adobe&id=66363414231238772394447079359660894719 https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66363414231238772394447079359660894719	0 338 B	149ms 33ms	Image text/plain	52.19.31.117 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66363414231238772394447079359660894719 Protocol H2 Server 52.19.31.117 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-19-31-117.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-served-by beacon-n003-dub-prod.krxd.net date Fri, 07 Apr 2023 03:56:44 GMT cache-control private, no-cache, no-store x-request-time D=33 t=1680839804 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66363414231238772394447079359660894719 date Fri, 07 Apr 2023 03:56:43 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a011-ash-prod.krxd.net
GET H3	200	pixel cm.g.doubleclick.net/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkNfVWV3QUFBSjZqUUFPWQ==	170 B 188 B	19ms 19ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkNfVWV3QUFBSjZqUUFPWQ== Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-hhn-etou8220036-HHN pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT via 1.1 varnish server Varnish x-timer S1680839804.718914,VS0,VE0 x-cache HIT location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkNfVWV3QUFBSjZqUUFPWQ== cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZC_UewAAAJ6jQAOY&expires=90	0 239 B	47ms 9ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZC_UewAAAJ6jQAOY&expires=90 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 5b959e9b7aef6dd90a6fa539ca64ac62 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-hhn-etou8220036-HHN pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT via 1.1 varnish server Varnish x-timer S1680839804.720043,VS0,VE0 x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZC_UewAAAJ6jQAOY&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZC_UewAAAJ6jQAOY https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZC_UewAAAJ6jQAOY&C=1	43 B 766 B	8ms 8ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZC_UewAAAJ6jQAOY&C=1 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Apr 2023 03:56:43 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Fri, 07 Apr 2023 03:56:43 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=88&external_user_id=ZC_UewAAAJ6jQAOY&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=ZC_UewAAAJ6jQAOY https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZC_UewAAAJ6jQAOY	43 B 1 KB	16ms 16ms	Image image/gif	185.89.210.122 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZC_UewAAAJ6jQAOY Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol HTTP/1.1 Server 185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Apr 2023 03:56:43 GMT AN-X-Request-Uuid 80af50cd-0308-48a4-92c1-2b40ff2d5c3e Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 07 Apr 2023 03:56:43 GMT AN-X-Request-Uuid 487fe2a7-dd3f-480c-9a35-e90abca228bf Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZC_UewAAAJ6jQAOY Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZC_UewAAAJ6jQAOY	43 B 273 B	57ms 17ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZC_UewAAAJ6jQAOY Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers x-served-by cache-hhn-etou8220036-HHN pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT via 1.1 varnish server Varnish x-timer S1680839804.766353,VS0,VE0 x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZC_UewAAAJ6jQAOY cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZC_UewAAAJ6jQAOY	1 B 453 B	81ms 18ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZC_UewAAAJ6jQAOY Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Fri, 07 Apr 2023 03:56:43 GMT cache-control no-store, no-cache, private server nginx content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers x-served-by cache-hhn-etou8220036-HHN pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT via 1.1 varnish server Varnish x-timer S1680839804.780569,VS0,VE0 x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZC_UewAAAJ6jQAOY cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZC_UewAAAJ6jQAOY&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZC_UewAAAJ6jQAOY&img=1&__user_check__=1&sync_id=35e4e0ec-d4f8-11ed-8034-180e33a50406	43 B 548 B	27ms 27ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZC_UewAAAJ6jQAOY&img=1&__user_check__=1&sync_id=35e4e0ec-d4f8-11ed-8034-180e33a50406 Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 03:56:43 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 21 Connection keep-alive Content-Length 43 Redirect headers Date Fri, 07 Apr 2023 03:56:43 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Location /partner?adv_id=6409&uid=ZC_UewAAAJ6jQAOY&img=1&__user_check__=1&sync_id=35e4e0ec-d4f8-11ed-8034-180e33a50406 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 59 Connection keep-alive Content-Length 0
GET H2	200	b.php www.facebook.com/fr/ Frame 4B3E Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZC_UewAAAJ6jQAOY&t=2592000&o=0	43 B 675 B	42ms 41ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZC_UewAAAJ6jQAOY&t=2592000&o=0 Requested by Host: www.citim.org URL: https://www.citim.org/ Protocol H2 Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 20:56:43 PDT content-encoding br x-content-type-options nosniff strict-transport-security max-age=15552000; preload document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 pragma public x-fb-debug 5J2nrtB5fOIXbD6gNLkRVIaAK5rhRdIX0+KTY1sT/gCN+7m62ir5fKUmrwIUbO+HEW98edk4eIv7TVboXYO2kA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type image/gif origin-agent-cluster ?0 cache-control public, max-age=0 expires Thu, 06 Apr 2023 20:56:43 PDT Redirect headers x-served-by cache-hhn-etou8220036-HHN pragma no-cache date Fri, 07 Apr 2023 03:56:43 GMT via 1.1 varnish server Varnish x-timer S1680839804.811121,VS0,VE0 x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZC_UewAAAJ6jQAOY&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	ibs:dpid=275754&dpuuid=AAD9Yk7IXykAACMmF1r3xw dpm.demdex.net/ Frame 4B3E Redirect Chain https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAD9Yk7IXykAACMmF1r3xw?gdpr=0	42 B 942 B	33ms 33ms	Image image/gif	34.247.212.232 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAD9Yk7IXykAACMmF1r3xw?gdpr=0 Protocol HTTP/1.1 Server 34.247.212.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-212-232.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://nationalbankofcanada.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v046-08c4fb115.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID M8vcIPKvSoc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers location https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAD9Yk7IXykAACMmF1r3xw?gdpr=0 Date Fri, 07 Apr 2023 03:56:43 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn Connection keep-alive Content-Length 0
GET H2	200	__ptq.gif track.hubspot.com/	45 B 897 B	155ms 127ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3897811554&v=1.1&a=21203917&pu=https%3A%2F%2Fwww.citim.org%2F&t=Immigrer+au+Canada+%3A+Votre+service+d%27aide+%C3%A0+l%27emploi+%C3%A0+Montr%C3%A9al+-+CITIM&cts=1680839803925&vi=e860213bd20117c5b5fe74f90edfe480&nc=true&u=186204918.e860213bd20117c5b5fe74f90edfe480.1680839803917.1680839803917.1680839803917.1&b=186204918.1.1680839803918&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.citim.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Fri, 07 Apr 2023 03:56:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id 20893ec0-9b49-441c-8225-e091b16bf6d8 p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 45 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYG1ZE34G2CuMXzaB6DCDnZG7lyfR2cG3mKeVDIs1T1R0fMzfzF6vrpmo7na4jP%2B2xGNDOv5NZ5J%2F47QGgpwt9YWx9hE%2BpMKjztPMX3KfwfXdFEL0B1QccfVPsV9DYXGMbBRUSbXJrbipheUO9ja"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 7b3f57a6bfa76901-FRA x-robots-tag none
POST H3	200	/ Show response www.facebook.com/tr/ Frame 3D0F	0 17 B	8ms 7ms	Document text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.citim.org Referer https://www.citim.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.citim.org alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Fri, 07 Apr 2023 03:56:44 GMT priority u=0,i server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s7.addthis.com

URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html