Submitted URL: http://explorenb.ca/
Effective URL: https://tourismnewbrunswick.ca/choose-your-language
Submission Tags: @phish_report
Submission: On August 06 via api from FI — Scanned from CA

Summary

This website contacted 28 IPs in 3 countries across 22 domains to perform 56 HTTP transactions. The main IP is 159.203.33.67, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is tourismnewbrunswick.ca.
TLS certificate: Issued by E5 on June 7th 2024. Valid for: 3 months.
This is the only time tourismnewbrunswick.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 159.203.33.67 14061 (DIGITALOC...)
4 104.17.25.14 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 2600:1408:ec0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 23.221.240.246 16625 (AKAMAI-AS)
1 18.67.60.119 16509 (AMAZON-02)
1 2600:9000:24f... 16509 (AMAZON-02)
1 151.101.1.140 54113 (FASTLY)
1 151.101.193.140 54113 (FASTLY)
1 209.85.144.156 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 173.194.204.94 15169 (GOOGLE)
2 68.67.179.153 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.196.142.213 14618 (AMAZON-AES)
1 142.251.174.105 15169 (GOOGLE)
3 151.101.192.84 54113 (FASTLY)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 2600:1f10:4c2... 14618 (AMAZON-AES)
1 23.220.128.196 16625 (AKAMAI-AS)
1 2 3.33.220.150 16509 (AMAZON-02)
56 28
Apex Domain
Subdomains
Transfer
9 tourismnewbrunswick.ca
tourismnewbrunswick.ca
729 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 1235
5 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
4 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
37 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
64 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2631
insight.adsrvr.org — Cisco Umbrella Rank: 1486
match.adsrvr.org — Cisco Umbrella Rank: 505
6 KB
3 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 961
ib.adnxs.com — Cisco Umbrella Rank: 383
9 KB
3 gstatic.com
fonts.gstatic.com
72 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
291 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 podscribe.com
ipv4.podscribe.com — Cisco Umbrella Rank: 15932
verifi.podscribe.com — Cisco Umbrella Rank: 12213
820 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
127 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
2 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3241
alb.reddit.com — Cisco Umbrella Rank: 1969
761 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1417
25 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1561
13 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 14794
prism.app-us1.com — Cisco Umbrella Rank: 14871
11 KB
1 trackcmp.net
trackcmp.net — Cisco Umbrella Rank: 15421
315 B
1 cloudfront.net
d34r8q7sht0t9k.cloudfront.net
3 KB
1 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618
1 explorenb.ca
explorenb.ca
260 B
56 22
Domain Requested by
9 tourismnewbrunswick.ca tourismnewbrunswick.ca
4 ct.pinterest.com s.pinimg.com
4 fonts.googleapis.com tourismnewbrunswick.ca
4 cdnjs.cloudflare.com tourismnewbrunswick.ca
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com tourismnewbrunswick.ca
www.googletagmanager.com
2 www.facebook.com tourismnewbrunswick.ca
2 ib.adnxs.com acdn.adnxs.com
tourismnewbrunswick.ca
2 www.google.ca tourismnewbrunswick.ca
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net tourismnewbrunswick.ca
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
1 match.adsrvr.org js.adsrvr.org
1 insight.adsrvr.org 1 redirects
1 verifi.podscribe.com tourismnewbrunswick.ca
1 www.google.com tourismnewbrunswick.ca
1 ipv4.podscribe.com d34r8q7sht0t9k.cloudfront.net
1 trackcmp.net diffuser-cdn.app-us1.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 alb.reddit.com tourismnewbrunswick.ca
1 pixel-config.reddit.com www.redditstatic.com
1 d34r8q7sht0t9k.cloudfront.net tourismnewbrunswick.ca
1 js.adsrvr.org www.googletagmanager.com
1 acdn.adnxs.com tourismnewbrunswick.ca
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 diffuser-cdn.app-us1.com tourismnewbrunswick.ca
1 kit.fontawesome.com tourismnewbrunswick.ca
1 explorenb.ca 1 redirects
56 30

This site contains links to these domains. Also see Links.

Domain
tourismenouveaubrunswick.ca
Subject Issuer Validity Valid
tourismnewbrunswick.ca
E5
2024-06-07 -
2024-09-05
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-01-27
6 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
diffuser-cdn.app-us1.com
E5
2024-07-26 -
2024-10-24
3 months crt.sh
prism.app-us1.com
E6
2024-07-15 -
2024-10-13
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-23 -
2024-11-18
6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-02 -
2025-08-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-15 -
2024-08-13
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2024-05-30 -
2024-11-26
6 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.ca
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
trackcmp.net
WE1
2024-07-26 -
2024-10-24
3 months crt.sh
ipv4.podscribe.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-27
a year crt.sh
*.podscribe.com
Amazon RSA 2048 M02
2024-05-26 -
2025-06-24
a year crt.sh

This page contains 3 frames:

Primary Page: https://tourismnewbrunswick.ca/choose-your-language
Frame ID: 14D8900A9956947CC068200D497D4E2F
Requests: 54 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4C00B6B1DC29E5147543EA00A7653603
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0
Frame ID: ECD5A1978FB3FB668CE3F90A28CC50BB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Choose Your Language / #ExploreNB / Tourism New Brunswick

Page URL History Show full URLs

  1. http://explorenb.ca/ HTTP 307
    https://explorenb.ca/ HTTP 301
    http://tourismnewbrunswick.ca/choose-your-language HTTP 307
    https://tourismnewbrunswick.ca/choose-your-language Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

56
Requests

100 %
HTTPS

50 %
IPv6

22
Domains

30
Subdomains

28
IPs

3
Countries

1286 kB
Transfer

3364 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://explorenb.ca/ HTTP 307
    https://explorenb.ca/ HTTP 301
    http://tourismnewbrunswick.ca/choose-your-language HTTP 307
    https://tourismnewbrunswick.ca/choose-your-language Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://insight.adsrvr.org/track/up?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request choose-your-language
tourismnewbrunswick.ca/
Redirect Chain
  • http://explorenb.ca/
  • https://explorenb.ca/
  • http://tourismnewbrunswick.ca/choose-your-language
  • https://tourismnewbrunswick.ca/choose-your-language
9 KB
9 KB
Document
General
Full URL
https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
6dd0e96df7198c382bd4064147c616284836c099e14066ed00210f630558f85a
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=31536000, public
cache-tags
config:block_list block_content:19 config:block.block.activecampaignmaincodeenglish config:block.block.activecampaignmaincodefrench config:block.block.footer config:block.block.footerbottomleftlegalprivacy block_content:8 config:block.block.footerbottomrightcopyright block_content:28 config:block.block.footercontactenglish config:block.block.footermiddleleftnewsletter block_content:6 config:block.block.footermiddlerightlogos block_content:4 config:block.block.footertoprightbacktotop config:block.block.socialmediaicons_2 block_content:2 config:block.block.socialmediaicons_3 config:block.block.alertplaceholder config:block.block.views_block__alert_banner_block_1 block_content:38 config:block.block.allroadtrips block_content:32 config:block.block.exploreallcitiesregions block_content:36 config:block.block.exploreallshopping block_content:34 config:block.block.exploreartscultureheritage block_content:35 config:block.block.explorefooddrink block_content:33 config:block.block.exploreoutdooradventures block_content:31 config:block.block.ourroots block_content:37 config:block.block.planyourvisit config:block.block.breadcrumbs config:block.block.footertopleftcontact config:block.block.itinerarypagejumplist config:block.block.mainnavigation node:2697 config:block.block.storiesmentionslink config:block.block.storytags config:block.block.topicjumplist config:block.block.views_block__article_date_block_1 config:block.block.views_block__event_address_block_1 config:block.block.views_block__event_address_block_4 config:block.block.views_block__event_sidebar_sidebar_eng config:block.block.views_block__festival_date_festival config:block.block.views_block__more_stories_block_1 config:block.block.views_block__right_sidebar_block_1 config:block.block.views_block__storyteller_block_1 config:block.block.views_block__storyteller_block_2 config:block.block.views_block__wiki_info_info config:block.block.wikijumplist config:block.block.july2021miqpixeldeliciousnewbrunswickrestaurants config:block.block.july2021miqpixelfamilyfriendlyrv config:block.block.july2021miqpixelgoplayinnewbrunswicksprovincialparks config:block.block.july2021miqpixeltop12coasthikesnb config:block.block.july2021miqpixelvireedanslapeninsuleacadienne config:block.block.views_block__deals_block_1 config:block.block.views_block__event_address_block_3 config:block.block.views_block__explore_block_1 config:block.block.views_block__festival_events_block_1 config:block.block.views_block__map_block_1 config:block.block.views_block__stories_itinerary config:block.block.views_block__stories_mentions config:block.block.views_block__stories_storyteller config:block.block.views_block__widgets_block_1 config:block.block.views_block__wiki_info_map config:block.block.views_block__wiki_info_photos config:block.block.views_block__wiki_listings_communities_map config:block.block.views_block__wiki_mentions_block_1 config:configurable_language_list config:block.block.languageswitcher config:block.block.mainmenudesktop config:block.block.megamenubutton config:block.block.socialmediaicons config:block.block.tourism_branding config:block.block.languageswitcher_2 config:block.block.mainmenu config:block.block.megamenu block_content:10 config:block.block.searchbox config:block.block.views_block__hero_image_block_1 config:block.block.views_block__hero_image_block_2 config:block.block.views_block__hero_image_block_3 config:block.block.views_block__hero_image_block_4 block_content:16 config:block.block.navbarsearchbutton block_content:29 config:block.block.searchboxmobile config:block.block.pagetitle config:block.block.pagetitle_2 config:block.block.pagetitle_3 config:block.block.views_block__city_province_block_1 config:block.block.views_block__event_address_block_2 config:block.block.wikitags config:block.block.sharewidgetblock config:block.block.sitebranding config:block.block.submitfestivalbuttoncta config:block.block.tourism_content config:block.block.tourism_help config:block.block.tourism_local_actions config:block.block.tourism_local_tasks config:block.block.tourism_messages config:block.block.tourism_page_title config:block.block.views_block__accessibility_parent_block_1 config:block.block.views_block__accessibility_view_block_1 config:block.block.views_block__deals_block_2 config:block.block.views_block__events_block_1 config:block.block.views_block__events_calendar config:block.block.views_block__festivals_carousel config:block.block.views_block__listing_hero_block_1 config:block.block.views_block__stories_block_1 config:block.block.views_block__storyteller_storytellers config:block.block.views_block__unpublished_festivals_and_events_block_1 config:block.block.views_block__wiki_listings_accomodations config:block.block.views_block__wiki_listings_block_1 config:block.block.views_block__wiki_listings_block_2 config:block.block.views_block__wiki_listings_block_3 user:0 config:block.block.views_block__wiki_moderation_block_1 config:block.block.views_block__wiki_moderation_block_2 config:block.block.views_block__wiki_moderation_block_3 config:block.block.webform config:block.block.webform_2 config:block.block.webform_3 config:message_banner.settings config:extlink.settings block_view node_view config:core.entity_view_display.node.page.default config:filter.format.javascript user:1 paragraph:2350 config:system.site local_task config:entity_clone.cloneable_entities rendered http_response config:user.role.anonymous
content-encoding
gzip
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 16:34:47 GMT
etag
"1722958400-gzip"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 06 Aug 2024 15:33:20 GMT
server
Apache/2.4.61 (Debian)
transfer-encoding
chunked
vary
Cookie,Accept-Encoding
x-content-type-options
nosniff nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)

Redirect headers

Location
https://tourismnewbrunswick.ca/choose-your-language
Non-Authoritative-Reason
HttpsUpgrades
css_7GnatfnI0xCH3_CwSqiPjoTDCjz9E3Ye_9lKcPuEgts.css
tourismnewbrunswick.ca/sites/default/files/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/css/css_7GnatfnI0xCH3_CwSqiPjoTDCjz9E3Ye_9lKcPuEgts.css?delta=0&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
40610949be5b35c5fb5a6f09770fa1043811c44cc9b29b38f985b234ff69e6f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Aug 2024 12:05:00 GMT
server
Apache/2.4.61 (Debian)
etag
"8d5-61e9e052b7547"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2261
expires
Tue, 20 Aug 2024 16:34:48 GMT
css_De-DskQ4fJhi4jcTz3VC8AL_SL9Kz1vFbnkfxYRa8_E.css
tourismnewbrunswick.ca/sites/default/files/css/
448 B
704 B
Stylesheet
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/css/css_De-DskQ4fJhi4jcTz3VC8AL_SL9Kz1vFbnkfxYRa8_E.css?delta=1&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
9c4ae65c2d294d0474b5a3cf4b4be0122572890ca632e4f466b3572a4481f6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Aug 2024 11:57:47 GMT
server
Apache/2.4.61 (Debian)
etag
"127-61e9deb5c0e16"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
content-length
295
expires
Tue, 20 Aug 2024 16:34:48 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/
57 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
21287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10301
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-e4d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKn4BeYbgfj7kJcpdt2Djx%2FLDWcBbLcnI%2BQyKHntb9OMYN7A0uq0RJENQRN8PiiZ%2BtvG%2FoQE1kV7eu02ik0Iohp8d93zsOz7p0TLoBk6Jo4qTsW7FNXTqV4pFna3H3i2wfaJDubo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8af06fbc0af5abe5-YYZ
expires
Sun, 27 Jul 2025 16:34:48 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
20753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18752
last-modified
Mon, 27 Mar 2023 17:46:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6421d693-4940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYKGjzmdFneqOArlCLCcxY2kgQvBvO3QNLxZ1e1WOFSCNhCSMYm6CzQFgA8xZCp3EkQfv30x%2BfV961QjFE8L%2BGYDyVR1FFN62qyzFwZ%2FZHwXewqSLp1vVdxgHBOMJsR2wZY3IbDF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8af06fbc0af9abe5-YYZ
expires
Sun, 27 Jul 2025 16:34:48 GMT
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700|Montserrat:300,400,500,600,700
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099ffd05e5e16b76c5e8aad03d824d274565e6c94ffbdc93683a7526d90ea6dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 16:34:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 16:34:48 GMT
css_lIGUdgm12GUGmxyuKdB4DdDME5S_HV3d62ZuX-Gwk6g.css
tourismnewbrunswick.ca/sites/default/files/css/
952 KB
110 KB
Stylesheet
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/css/css_lIGUdgm12GUGmxyuKdB4DdDME5S_HV3d62ZuX-Gwk6g.css?delta=5&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
459f8e97dcc970e64a2a8a4f4fed78297d81e197983dec9d50cbf003457cda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Aug 2024 11:57:45 GMT
server
Apache/2.4.61 (Debian)
etag
"1b841-61e9deb3ea2db"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
content-length
112705
expires
Tue, 20 Aug 2024 16:34:48 GMT
ekko-lightbox.css
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/
7 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.css
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
328734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2408
last-modified
Mon, 04 May 2020 16:09:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e41-1be7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I994g%2FNOqojUea7cFv0TtY%2FuB0B2qTiNjAp6pUUO9YaDpHXfiUmb37CgnlwdrNTFL0Mt3smOOI4gTQSLSYtppbSiQVh9BxGxJootbW43aICUZFWPVW%2FRgIWxxv6j5oV%2BE6GfzRz8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8af06fbc0af6abe5-YYZ
expires
Sun, 27 Jul 2025 16:34:48 GMT
8c6727f9de.js
kit.fontawesome.com/
0
0
Script
General
Full URL
https://kit.fontawesome.com/8c6727f9de.js
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:123e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://tourismnewbrunswick.ca/
Origin
https://tourismnewbrunswick.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
cf-cache-status
MISS
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
vary
Accept-Encoding
cf-ray
8af06fbc28283400-YUL
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
content-length
22
x-request-id
F-kw5Ab5LTOCzhCYTJ9B
rsz_explorenb_logo_externalmarkets_notagline_rgb_reverse.png
tourismnewbrunswick.ca/sites/default/files/
5 KB
5 KB
Image
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/rsz_explorenb_logo_externalmarkets_notagline_rgb_reverse.png
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
4cbde85f355d7f5fe113b9917e4b5590b0de9f86b110ee761293130aa0c820bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 15:08:38 GMT
server
Apache/2.4.61 (Debian)
etag
"1418-6120def455354"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5144
expires
Tue, 20 Aug 2024 16:34:48 GMT
js_7h0E3ky0HDlUJJp6IT-SGKtOyLQpS9Fhgo5hMnuFEcs.js
tourismnewbrunswick.ca/sites/default/files/js/
186 KB
58 KB
Script
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/js/js_7h0E3ky0HDlUJJp6IT-SGKtOyLQpS9Fhgo5hMnuFEcs.js?scope=footer&delta=0&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
d79a0c9df9ee481a92d40b294dfdbeb197f4a5326f095c400365088f0bb7703d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Aug 2024 11:57:52 GMT
server
Apache/2.4.61 (Debian)
etag
"e546-61e9deba5d8a9"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=1209600
accept-ranges
bytes
content-length
58694
expires
Tue, 20 Aug 2024 16:34:48 GMT
ekko-lightbox.min.js
cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/
14 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ekko-lightbox/5.3.0/ekko-lightbox.min.js
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
635ad19704f34f92b98610817c01560010f8714d77406b9137a3f96a97d6cd5b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
330127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3757
last-modified
Mon, 04 May 2020 16:09:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e41-3961"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCkGjbyvr7GELuufBPk1fUYhrs7IzJOtb8vJnwc3stPFjZNolbSWwCKFoClS5ReYOGs9vekBEOfwiYlWke7tMDtalxVmUTVFVot57k7wynsqhOjKcT4VaMpvPGsNVQej%2Fs%2Fz0%2FKg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8af06fbc6b35abe5-YYZ
expires
Sun, 27 Jul 2025 16:34:48 GMT
js_0PI1sb51_OhT6a_HDMiuDPQre664R9kXim0vWHEveIk.js
tourismnewbrunswick.ca/sites/default/files/js/
8 KB
3 KB
Script
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/js/js_0PI1sb51_OhT6a_HDMiuDPQre664R9kXim0vWHEveIk.js?scope=footer&delta=2&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
77ae07f1d9f903294e680d0fe835243a3fd12ef8f604f48e04b4f87ef5f4161d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Aug 2024 11:59:22 GMT
server
Apache/2.4.61 (Debian)
etag
"92c-61e9df10a946d"
x-frame-options
SAMEORIGIN
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2348
expires
Tue, 20 Aug 2024 16:34:48 GMT
css2
fonts.googleapis.com/
19 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;600;700&family=Open+Sans:wght@300;400;700&display=swap
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/sites/default/files/css/css_lIGUdgm12GUGmxyuKdB4DdDME5S_HV3d62ZuX-Gwk6g.css?delta=5&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5038c1eeff3cad88d057447d096ddcf02619c8b8a0fce7aa92ee4ed8509de24f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 16:28:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 16:34:48 GMT
css2
fonts.googleapis.com/
5 KB
697 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/sites/default/files/css/css_lIGUdgm12GUGmxyuKdB4DdDME5S_HV3d62ZuX-Gwk6g.css?delta=5&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51865fd1e27f59a9887ad7a6cb65200f8a49e2193a1ce04f4cd0f0d56120b31e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 14:45:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 16:34:48 GMT
css
fonts.googleapis.com/
2 KB
613 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather:wght@400;600;700&display=swap
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/sites/default/files/css/css_lIGUdgm12GUGmxyuKdB4DdDME5S_HV3d62ZuX-Gwk6g.css?delta=5&language=en&theme=tourism&include=eJxdzTsKwCAMANALSXMkiTWU0PghiaC3bweXdnzTK2SGF8WEtZJC-TDYMqcCCY2CYuYJqTU3V-zb5ksoeBvKVrZounC9IevoKMdmSNLOO3LHnPVt4OcHxwI2jw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3efd2285478ae411e589b6cc7097512899177c6b3e0961ddef906ad2996a05a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 16:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 16:34:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 16:34:48 GMT
gtm.js
www.googletagmanager.com/
307 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NR8HJ974
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec103d7eb872de9c8b12a8cb1dcbe63028b0043403ef50439e4dd7c753b93671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105835
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 15:15:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 16:34:49 GMT
IrvingEcoCentreBroadwalk.jpg
tourismnewbrunswick.ca/sites/default/files/2022-03/
524 KB
525 KB
Image
General
Full URL
https://tourismnewbrunswick.ca/sites/default/files/2022-03/IrvingEcoCentreBroadwalk.jpg
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
584bf2839b58b7d81823e3116cbc110df142306c5a95e511f3bd6000b2e599f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 15:08:50 GMT
server
Apache/2.4.61 (Debian)
etag
"830ea-6120df003efb2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
content-length
536810
expires
Tue, 20 Aug 2024 16:34:48 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Montserrat:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tourismnewbrunswick.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 23:39:22 GMT
x-content-type-options
nosniff
age
492927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Jul 2025 23:39:22 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Montserrat:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tourismnewbrunswick.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 12:13:23 GMT
x-content-type-options
nosniff
age
447686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 12:13:23 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
41 KB
10 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8eaa1c9ac4fe2a600a0b6506d6b4486dd7719c3d917cd3ae02fd9589a750388
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
gzip
via
1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
YUL62-C1
age
121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 17 Jun 2024 20:11:47 GMT
server
cloudflare
etag
W/"2801030c0114e98ab25cd3dc2ac1149b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
8af06fc1c85da316-YUL
x-amz-cf-id
XzoIUnLMgi0uFVw9XAAzU1zQiMOLp12Ve7P8JnNGm0iiOehBQaUUgg==
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700|Montserrat:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tourismnewbrunswick.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 04:21:30 GMT
x-content-type-options
nosniff
age
475999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 04:21:30 GMT
/
prism.app-us1.com/
250 B
499 B
Script
General
Full URL
https://prism.app-us1.com/?a=1001162818&u=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.29
Resource Hash
0b182b210685de0580f36b8d206a1ebca8f2ae388d7eccbf60403c3a29dbf114
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.29
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
86
cf-ray
8af06fc338dda2c3-YUL
js
www.googletagmanager.com/gtag/
304 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WL1KK20L3J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR8HJ974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4da84f38cb047a4d1a7d8427427c3e939a46271a9ff093b11cb97e8716c85fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103084
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 16:34:49 GMT
destination
www.googletagmanager.com/gtag/
247 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-360408149&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR8HJ974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8038d0fc09a983ab4395da279fc276891a6a3c8b418ffd3dadd17df9d37293fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88649
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 16:08:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 16:34:49 GMT
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR8HJ974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR8HJ974
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:28c::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bc581e601e42cbba8d5ac49ef3d056be95ab802edaa6cf0e9e3325b568c5cd06

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"5163e66e3b4356855f8057aaeca66d13"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1880
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 16:34:49 GMT
document-policy
force-load-at-top
x-fb-server-load
58
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=12, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
EAdmfCQl3WT4rv/YStrHDRckCikEtrbz5n07PYq4VAkVUtIY6cy8DyxF5gPpEGxzwbJSm+62k8+LDH0pckSKgg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixie.js
acdn.adnxs.com/dmp/up/
22 KB
8 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.240.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-240-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 16:34:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2024 17:09:07 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"667310b3-587e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
7929
Expires
Wed, 07 Aug 2024 16:34:51 GMT
up_loader.1.1.0.js
js.adsrvr.org/
12 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR8HJ974
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-60-119.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 01:37:54 GMT
Content-Encoding
gzip
Via
1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD89-P1
Age
53816
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
ELS5l04doEscaKN3AFoBnQNXZfp4UItI86Yd7m7UHSlgdAJL2pOSTg==
tag.js
d34r8q7sht0t9k.cloudfront.net/
3 KB
3 KB
Script
General
Full URL
https://d34r8q7sht0t9k.cloudfront.net/tag.js
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:fa00:1b:e40d:4a00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fb3034df4b523a32a725cd3a9ffdc0cf73b22022e803505d9c38ab5ea769ca1

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:50 GMT
via
1.1 495082db97d209f49efad4679b8a6f28.cloudfront.net (CloudFront)
last-modified
Mon, 29 Jul 2024 09:18:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
etag
"d9b39803bd71d35a85827313c442c08d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
2729
x-amz-cf-id
93ls1SsdUOF5WgMH2TFcwqRxZ6AGJaKHA1_HqXuPjQNvmQhHE1dUWw==
config
pixel-config.reddit.com/pixels/a2_f54hmulwv335/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_f54hmulwv335/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
a2_f54hmulwv335_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_f54hmulwv335_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1722962089544&id=a2_f54hmulwv335&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8ff1ea88-ec50-434c-8f9c-dbc7960bc70d&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/360408149/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/360408149/?random=1722962089567&cv=11&fst=1722962089567&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9117427242z89184444121za201zb9184444121&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&hn=www.googleadservices.com&frm=0&tiba=Choose%20Your%20Language%20%2F%20%23ExploreNB%20%2F%20Tourism%20New%20Brunswick&npa=0&pscdl=noapi&auid=618463024.1722962089&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-360408149&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f156.1e100.net
Software
cafe /
Resource Hash
449b47aff988ed3c537a5e56c4a8f25828b7431eab3c64d057691848578b9a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1407
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WL1KK20L3J&gtm=45je47v0v876378468z89184444121za200zb9184444121&_p=1722962088492&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=456856577.1722962090&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1722962089&sct=1&seg=0&dl=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&dt=Choose%20Your%20Language%20%2F%20%23ExploreNB%20%2F%20Tourism%20New%20Brunswick&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4048
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WL1KK20L3J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tourismnewbrunswick.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
259 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WL1KK20L3J&cid=456856577.1722962090&gtm=45je47v0v876378468z89184444121za200zb9184444121&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WL1KK20L3J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tourismnewbrunswick.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WL1KK20L3J&cid=456856577.1722962090&gtm=45je47v0v876378468z89184444121za200zb9184444121&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=1410716568
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.cb788166.js
s.pinimg.com/ct/lib/
81 KB
23 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.cb788166.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:28c::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7fe7c08d3fdf1d7273da63b3998eb368679c1b24f9a0011365ee61d616928063

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"1769eb1fe2ab5455788cc4ecd006dd77"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
23536
up
ib.adnxs.com/pixie/
9 B
318 B
Fetch
General
Full URL
https://ib.adnxs.com/pixie/up?pi=3c78ea9e-3de0-4468-860c-7c403c3bc142
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
server
nginx/1.23.4
access-control-max-age
0
access-control-allow-methods
GET, OPTIONS
content-type
application/xml
access-control-allow-origin
https://tourismnewbrunswick.ca
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
access-control-allow-headers
Content-Type
content-length
9
1472057749807377
connect.facebook.net/signals/config/
72 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1472057749807377?v=2.9.164&r=stable&domain=tourismnewbrunswick.ca&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4460d3cc88e0c78c56b2eafc0255b5015ebf1b3f613b28cc816a8593b282639c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 16:34:49 GMT
document-policy
force-load-at-top
x-fb-server-load
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=66, mss=1297, tbw=64386, tp=-1, tpl=-1, uplat=95, ullat=0
pragma
public
x-fb-debug
4NQcCcICfyQS/c2IcaqEbbOAnHP2c1TIX6e1pPg4ZAGHSzG6Mpkp9HsOrQh/CNabrSrMFxOUzefWfGf27GkW6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
t_prism_sitemessages.php
trackcmp.net/
0
315 B
Script
General
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=1001162818&prismid=dafabc57-a0b8-465b-a928-74f34746c6b8&url=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:610 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.29
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, private
x-envoy-upstream-service-time
16
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray
8af06fc60d56a29e-YUL
content-length
0
/
ipv4.podscribe.com/
25 B
225 B
Fetch
General
Full URL
https://ipv4.podscribe.com/
Requested by
Host: d34r8q7sht0t9k.cloudfront.net
URL: https://d34r8q7sht0t9k.cloudfront.net/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.196.142.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-142-213.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
498717c771e9ad4f2cfe97d3625e1b1c452dbadbb047af5c947b772d9d1c1e83

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 16:34:50 GMT
server
awselb/2.0
access-control-allow-headers
*
content-length
25
access-control-allow-methods
OPTIONS, GET, POST
content-type
application/json
/
www.google.com/pagead/1p-user-list/360408149/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/360408149/?random=1722962089567&cv=11&fst=1722960000000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9117427242z89184444121za201zb9184444121&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&hn=www.googleadservices.com&frm=0&tiba=Choose%20Your%20Language%20%2F%20%23ExploreNB%20%2F%20Tourism%20New%20Brunswick&npa=0&pscdl=noapi&auid=618463024.1722962089&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfsFp_aUhb85CN1c-oZjRSNsD0hs5rQw&random=2099330913&rmt_tld=0&ipr=y
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.105 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/360408149/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/360408149/?random=1722962089567&cv=11&fst=1722960000000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v9117427242z89184444121za201zb9184444121&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&hn=www.googleadservices.com&frm=0&tiba=Choose%20Your%20Language%20%2F%20%23ExploreNB%20%2F%20Tourism%20New%20Brunswick&npa=0&pscdl=noapi&auid=618463024.1722962089&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfsFp_aUhb85CN1c-oZjRSNsD0hs5rQw&random=2099330913&rmt_tld=1&ipr=y
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/
321 B
369 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613723752004&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1722962089878&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb788166.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:50 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1109009068896140
content-length
186
pin-unauth
dWlkPVlXUXlOR0UxTTJZdFpHVXpZeTAwTVRBNExUbG1PVEF0TnpVek1EUTJZV0k0WWpaaQ
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tourismnewbrunswick.ca
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
24566c1eacfd475e71889db2e24a77832ef4e778
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
448 B
Fetch
General
Full URL
https://ct.pinterest.com/v3/?tid=2613723752004&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22cb788166%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1722962089881
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb788166.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:50 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://tourismnewbrunswick.ca
pinterest-version
24566c1eacfd475e71889db2e24a77832ef4e778
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1629372820856381
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixie
ib.adnxs.com/
42 B
227 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=3c78ea9e-3de0-4468-860c-7c403c3bc142&it=1722962089678&v=0.0.38&u=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&st=1722962089678&et=1722962089980&if=0
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:50 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
167.114.209.103; 167.114.209.103; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1472057749807377&ev=PageView&dl=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&rl=&if=false&ts=1722962090063&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722962090022.586858742901602203&cs_est=true&ler=empty&cdl=API_unavailable&it=1722962089734&coo=false&rqm=GET
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1297, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 16:34:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1472057749807377&ev=PageView&dl=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&rl=&if=false&ts=1722962090063&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722962090022.586858742901602203&cs_est=true&ler=empty&cdl=API_unavailable&it=1722962089734&coo=false&rqm=FGET
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xfddc02da276d7b07","source_keys":["1","2"]}],"aggregatable_values":{"1":10922,"2":0},"filters":{"2":["24:8802374413123711","24:8270149696350266","24:24122895924023233","7830:8802374413123711","7830:8270149696350266","7830:24122895924023233","10853:8802374413123711","10853:8270149696350266","10853:24122895924023233","41:8802374413123711","41:8270149696350266","41:24122895924023233","8046:8802374413123711","8046:8270149696350266","8046:24122895924023233"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 06 Aug 2024 16:34:50 GMT
x-fb-server-load
52
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400065830152819135", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=14, mss=1297, tbw=3136, tp=-1, tpl=-1, uplat=51, ullat=0
pragma
no-cache
x-fb-debug
/bo4sg4w5BCmMBiMhIIgPC51SzLEI9foAvgpX9Onyc6hlkmrGbUM3Qq1d/+3B5t89xGn336OAlliNkKofXXO3Q==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400065830152819135"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag
verifi.podscribe.com/
42 B
595 B
Image
General
Full URL
https://verifi.podscribe.com/tag?action=view&user_id=30a6f746-1c4d-44d2-8996-3528316e9313&advertiser=tourismnewbrunswick&referrer=_&device_id=pscrb_6bcfb695-f9d9-478e-819a-3c3e40b21455&stid=&ipv4=167.114.209.103&url=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&event_url=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&source=js-tag+v1.0.4
Requested by
Host: tourismnewbrunswick.ca
URL: https://tourismnewbrunswick.ca/choose-your-language
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f10:4c2d:4712:eb8d:9a21:f46d:cb04 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Aug 2024 16:34:50 GMT
server
awselb/2.0
access-control-allow-headers
*
content-length
42
access-control-allow-methods
OPTIONS, GET, POST
content-type
image/png
token_create.js
ct.pinterest.com/static/ct/
4 KB
4 KB
Script
General
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb788166.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:50 GMT
x-cdn
fastly
age
6432
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame 4C00
0
0
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.cb788166.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.128.196 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-128-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://tourismnewbrunswick.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-grn
0.15dfda17.1722962090.102ddb56
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 16:34:50 GMT
pinterest-version
24566c1eacfd475e71889db2e24a77832ef4e778
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
4182127769747464
/
match.adsrvr.org/track/upb/ Frame ECD5
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0
0
0
Document
General
Full URL
https://match.adsrvr.org/track/upb/?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://tourismnewbrunswick.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 06 Aug 2024 16:34:50 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
319
date
Tue, 06 Aug 2024 16:34:50 GMT
location
https://match.adsrvr.org/track/upb/?adv=40ozpp4&ref=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&upid=y48kmu4&upv=1.1.0
server
Kestrel
favicon.ico
tourismnewbrunswick.ca/themes/custom/tourism/
15 KB
15 KB
Other
General
Full URL
https://tourismnewbrunswick.ca/themes/custom/tourism/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.203.33.67 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
tourismnewbrunswick.ca
Software
Apache/2.4.61 (Debian) /
Resource Hash
5aef2108b4c0d7d5f4274d5412bb599b8efbd26108b381338cec3b91b21f511f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tourismnewbrunswick.ca/choose-your-language
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:34:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 15:08:30 GMT
server
Apache/2.4.61 (Debian)
etag
"3c2e-6120deeca8628"
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
cache-control
max-age=1209600
accept-ranges
bytes
content-length
15406
expires
Tue, 20 Aug 2024 16:34:51 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WL1KK20L3J&gtm=45je47v0v876378468z89184444121za200zb9184444121&_p=1722962088492&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=456856577.1722962090&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sid=1722962089&sct=1&seg=0&dl=https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language&dt=Choose%20Your%20Language%20%2F%20%23ExploreNB%20%2F%20Tourism%20New%20Brunswick&_s=2&tfd=9827
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WL1KK20L3J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://tourismnewbrunswick.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 16:34:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tourismnewbrunswick.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| once function| jQuery object| drupalSettings object| Drupal object| webpackChunktourism function| Popper object| bootstrap string| visitorGlobalObjectAlias function| vgo string| prismGlobalObjectAlias object| visitorGlobalObject object| google_tag_manager object| google_tag_data function| rdt function| pintrk function| fbq function| _fbq function| pixie function| onYouTubeIframeAPIReady function| redditNormalizeEmail object| GooglebQhCsO function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel object| gaGlobal function| podscribe string| podscribe_user_id string| podscribe_advertiser string| cookie

23 Cookies

Domain/Path Name / Value
.tourismnewbrunswick.ca/ Name: _gcl_au
Value: 1.1.618463024.1722962089
.tourismnewbrunswick.ca/ Name: _rdt_uuid
Value: 1722962089514.8ff1ea88-ec50-434c-8f9c-dbc7960bc70d
prism.app-us1.com/ Name: prism_1001162818
Value: dafabc57-a0b8-465b-a928-74f34746c6b8
.tourismnewbrunswick.ca/ Name: _ga
Value: GA1.1.456856577.1722962090
.tourismnewbrunswick.ca/ Name: prism_1001162818
Value: dafabc57-a0b8-465b-a928-74f34746c6b8
.tourismnewbrunswick.ca/ Name: __podscribe_tourismnewbrunswick_referrer
Value: _
.tourismnewbrunswick.ca/ Name: __podscribe_tourismnewbrunswick_landing_url
Value: https://tourismnewbrunswick.ca/choose-your-language
.tourismnewbrunswick.ca/ Name: __podscribe_did
Value: pscrb_6bcfb695-f9d9-478e-819a-3c3e40b21455
.tourismnewbrunswick.ca/ Name: _fbp
Value: fb.1.1722962090022.586858742901602203
.pinterest.com/ Name: ar_debug
Value: 1
.tourismnewbrunswick.ca/ Name: _pin_unauth
Value: dWlkPVlXUXlOR0UxTTJZdFpHVXpZeTAwTVRBNExUbG1PVEF0TnpVek1EUTJZV0k0WWpaaQ
.podscribe.com/ Name: _podscribe_tourismnewbrunswick_landing_url
Value: https%3A%2F%2Ftourismnewbrunswick.ca%2Fchoose-your-language
.podscribe.com/ Name: _podscribe_tourismnewbrunswick_referrer
Value: _
.podscribe.com/ Name: _podscribe_did
Value: pscrb_6bcfb695-f9d9-478e-819a-3c3e40b21455
.tourismnewbrunswick.ca/ Name: _ga_WL1KK20L3J
Value: GS1.1.1722962089.1.0.1722962090.59.0.0
.adsrvr.org/ Name: TDID
Value: 5ed2bf72-0d0b-437e-8287-6e66fc61e7f1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: audit_p
Value: 1|RSBYkqd7IFjD/nGVrSG56ZNBRTuLqrmcWW2Lb9i09A43Sds8s51Nz8kaJxJjkDRru92IkiSz+qyM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLtd9Jx9+uNslShpgirwqudivBHOTvfxLPquznIE/Oveo9FYOQagTuS/OpWvBGztqNVbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/ Name: khaos
Value: LZIN55VO-W-2OZ3
.rubiconproject.com/ Name: khaos_p
Value: LZIN55VO-W-2OZ3
.rubiconproject.com/ Name: audit
Value: 1|RSBYkqd7IFjD/nGVrSG56ZNBRTuLqrmcWW2Lb9i09A43Sds8s51Nz8kaJxJjkDRru92IkiSz+qyM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLtd9Jx9+uNslShpgirwqudivBHOTvfxLPquznIE/Oveo9FYOQagTuS/OpWvBGztqNVbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.doubleclick.net/ Name: IDE
Value: AHWqTUnUEzgaC9CS2nuJPtlGll_z0pMcEakwGo3b6B6j86AIPijnIBqK5SLdgg5NYII
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIYXBwbmV4dXMSCwiW38Sb94-bPRAFEhYKB3J1Ymljb24SCwj4_8Sb94-bPRAFEhUKBmdvb2dsZRILCM6F06D3j5s9EAUYBSACKAMyCwjcucfIjZCbPRAFQg8iDQgBEgkKBXRpZXIyEAFaBzQwb3pwcDRgAQ..

1 Console Messages

Source Level URL
Text
network error URL: https://kit.fontawesome.com/8c6727f9de.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
alb.reddit.com
analytics.google.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
d34r8q7sht0t9k.cloudfront.net
diffuser-cdn.app-us1.com
explorenb.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
ipv4.podscribe.com
js.adsrvr.org
kit.fontawesome.com
match.adsrvr.org
pixel-config.reddit.com
prism.app-us1.com
s.pinimg.com
stats.g.doubleclick.net
tourismnewbrunswick.ca
trackcmp.net
verifi.podscribe.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.redditstatic.com
104.17.25.14
142.251.174.105
151.101.1.140
151.101.192.84
151.101.193.140
159.203.33.67
173.194.204.94
18.67.60.119
209.85.144.156
23.220.128.196
23.221.240.246
2600:1408:ec00:28c::1931
2600:1f10:4c2d:4712:eb8d:9a21:f46d:cb04
2600:9000:24f3:fa00:1b:e40d:4a00:21
2606:4700::6811:1fae
2606:4700::6812:123e
2606:4700::6812:610
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::64
2607:f8b0:4004:c1d::9c
2607:f8b0:400d:c02::5f
2607:f8b0:400d:c1d::5e
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:600::396
3.33.220.150
34.196.142.213
68.67.179.153
099ffd05e5e16b76c5e8aad03d824d274565e6c94ffbdc93683a7526d90ea6dd
0b182b210685de0580f36b8d206a1ebca8f2ae388d7eccbf60403c3a29dbf114
1c06835b9a36f8b7a5c9b5217ee934661d95764f18d96d9478a99b69785a95f0
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2761a6698395fb13fd3785c16dd380ec5d618de2abcc28eeaffe090b46a51fc4
2fb3034df4b523a32a725cd3a9ffdc0cf73b22022e803505d9c38ab5ea769ca1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3efd2285478ae411e589b6cc7097512899177c6b3e0961ddef906ad2996a05a1
40610949be5b35c5fb5a6f09770fa1043811c44cc9b29b38f985b234ff69e6f0
4460d3cc88e0c78c56b2eafc0255b5015ebf1b3f613b28cc816a8593b282639c
449b47aff988ed3c537a5e56c4a8f25828b7431eab3c64d057691848578b9a13
459f8e97dcc970e64a2a8a4f4fed78297d81e197983dec9d50cbf003457cda55
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
498717c771e9ad4f2cfe97d3625e1b1c452dbadbb047af5c947b772d9d1c1e83
4cbde85f355d7f5fe113b9917e4b5590b0de9f86b110ee761293130aa0c820bb
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
5038c1eeff3cad88d057447d096ddcf02619c8b8a0fce7aa92ee4ed8509de24f
51865fd1e27f59a9887ad7a6cb65200f8a49e2193a1ce04f4cd0f0d56120b31e
584bf2839b58b7d81823e3116cbc110df142306c5a95e511f3bd6000b2e599f2
5aef2108b4c0d7d5f4274d5412bb599b8efbd26108b381338cec3b91b21f511f
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
635ad19704f34f92b98610817c01560010f8714d77406b9137a3f96a97d6cd5b
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6dd0e96df7198c382bd4064147c616284836c099e14066ed00210f630558f85a
77ae07f1d9f903294e680d0fe835243a3fd12ef8f604f48e04b4f87ef5f4161d
7fe7c08d3fdf1d7273da63b3998eb368679c1b24f9a0011365ee61d616928063
8038d0fc09a983ab4395da279fc276891a6a3c8b418ffd3dadd17df9d37293fd
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
9c4ae65c2d294d0474b5a3cf4b4be0122572890ca632e4f466b3572a4481f6f2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b8eaa1c9ac4fe2a600a0b6506d6b4486dd7719c3d917cd3ae02fd9589a750388
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc581e601e42cbba8d5ac49ef3d056be95ab802edaa6cf0e9e3325b568c5cd06
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
d79a0c9df9ee481a92d40b294dfdbeb197f4a5326f095c400365088f0bb7703d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e4da84f38cb047a4d1a7d8427427c3e939a46271a9ff093b11cb97e8716c85fd
ec103d7eb872de9c8b12a8cb1dcbe63028b0043403ef50439e4dd7c753b93671
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5