911ordi.com Open in urlscan Pro
64.34.148.133 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://911ordi.com/message-de-desjardins-t16572.html
Submission: On December 20 via manual (December 20th 2018, 6:42:37 pm UTC) from CA

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 76 HTTP transactions. The main IP is 64.34.148.133, located in New York, United States and belongs to COGECO-PEER1 - Cogeco Peer 1, CA. The main domain is 911ordi.com.

This is the only time 911ordi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	64.34.148.133 64.34.148.133	13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1)
1	2606:4700::68... 2606:4700::6811:1042	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:30:... 2606:4700:30::681c:12e8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	143.204.101.16 143.204.101.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
4	37.252.172.40 37.252.172.40	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
5	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.17.98.197 52.17.98.197	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.31.111.62 52.31.111.62	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81b::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
76	18

40 64.34.148.133 (New York, United States)

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)
PTR: francoischarron.com

911ordi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
francoischarron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.francoischarron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1042 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:12e8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.16 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-16.fra50.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.40 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.98.197 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-98-197.eu-west-1.compute.amazonaws.com

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.111.62 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-111-62.eu-west-1.compute.amazonaws.com

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

amp-error-reporting.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	911ordi.com 911ordi.com	287 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	151 KB
6	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	115 KB
5	ampproject.org cdn.ampproject.org	147 KB
5	freeskreen.com static.freeskreen.com sb.freeskreen.com	23 KB
4	adnxs.com ib.adnxs.com	5 KB
2	google.com 1 redirects adservice.google.com www.google.com	234 B
2	google-analytics.com www.google-analytics.com	17 KB
2	francoischarron.com francoischarron.com www.francoischarron.com	161 KB
2	districtm.io cdn.districtm.io
1	appspot.com amp-error-reporting.appspot.com	64 B
1	google.de adservice.google.de	171 B
1	googletagservices.com www.googletagservices.com	10 KB
1	districtm.ca cdn.districtm.ca	23 KB
76	14

	Domain	Requested by
38	911ordi.com	911ordi.com www.google-analytics.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net 911ordi.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 911ordi.com
4	ib.adnxs.com	cdn.districtm.ca
3	sb.freeskreen.com	static.freeskreen.com 911ordi.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 911ordi.com
2	www.google-analytics.com	911ordi.com
2	static.freeskreen.com	911ordi.com sb.freeskreen.com
2	cdn.districtm.io	cdn.districtm.ca
1	amp-error-reporting.appspot.com	cdn.ampproject.org
1	googleads.g.doubleclick.net	911ordi.com
1	www.google.com	1 redirects
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.francoischarron.com	911ordi.com
1	francoischarron.com	911ordi.com
1	www.googletagservices.com	911ordi.com
1	cdn.districtm.ca	911ordi.com
76	19

This site contains links to these domains. Also see Links.

Domain
promo.avec.votresite.ca
www.francoischarron.com
www.desjardins.com
www.insertech.ca

Subject Issuer	Validity	Valid
*.g.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2018-04-26` - `2019-04-26`	a year	crt.sh
*.francoischarron.com COMODO RSA Domain Validation Secure Server CA	`2017-12-29` - `2019-02-27`	a year	crt.sh
*.freeskreen.com DigiCert SHA2 Secure Server CA	`2018-03-09` - `2019-06-13`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
misc-sni.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.appspot.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://911ordi.com/message-de-desjardins-t16572.html
Frame ID: B72C4BAE525C7DFE5927500824334A12
Requests: 61 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 74D45528FDF3ED5473AA507791C0A637
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 527783C688538AB862673B296CB5A47A
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: A58E0F8283FC6F12F53BDC26932EA1E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Frame ID: 383987167DDFE35B7A90EE347C996C63
Requests: 12 HTTP requests in this frame

Frame: http://sb.freeskreen.com/t.gif?tm=1545331334&p=3497&c=4153&ttm=1545331334185&s=&d=&v=&t=50eea981-dcee-48bf-a388-9d1bdff661c0&co=DE&pr=DE-HE&ci=Frankfurt%20am%20Main&dm=null&flc=null&slc=null&e=AdOpened&m=2&x=null
Frame ID: 9315C325DB173ED8CF5FF127F22932BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

phpBB (Message Boards) Expand

Overall confidence: 100%
Detected patterns

html /(?:Powered by <a[^>]+phpbb|<a[^>]+phpbb[^>]+class=\.copyright| phpBB style name|<[^>]+styles\/(?:sub|pro)silver\/theme|<img[^>]+i_icon_mini|<table class="forumline)/i
env /^(?:style_cookie_settings|phpbb_)/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:Powered by <a[^>]+phpbb|<a[^>]+phpbb[^>]+class=\.copyright| phpBB style name|<[^>]+styles\/(?:sub|pro)silver\/theme|<img[^>]+i_icon_mini|<table class="forumline)/i
env /^(?:style_cookie_settings|phpbb_)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

76
Requests

36 %
HTTPS

67 %
IPv6

14
Domains

19
Subdomains

18
IPs

3
Countries

939 kB
Transfer

1773 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://promo.avec.votresite.ca/?r=fcvotresite

Search URL Search Domain Scan URL

URL: http://www.francoischarron.com/
Title: Site Internet

Search URL Search Domain Scan URL

URL: http://www.desjardins.com/fr/communiquer/repertoire/signaler-fraude.jsp
Title: http://www.desjardins.com/fr/communique ... fraude.jsp

Search URL Search Domain Scan URL

URL: http://www.insertech.ca/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 48

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=1167968520&t=pageview&_s=1&dl=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&ul=en-us&de=UTF-8&dt=911%20Ordi%20%E2%80%A2%20message%20de%20Desjardins%20%3A%20Probl%C3%A8mes%20g%C3%A9n%C3%A9raux%20avec%20Internet&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAAB~&jid=24154487&gjid=1206363142&cid=816643887.1545331331&tid=UA-5883024-9&_gid=1895930949.1545331331&_r=1&z=118245738 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1167968520&t=pageview&_s=1&dl=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&ul=en-us&de=UTF-8&dt=911%20Ordi%20%E2%80%A2%20message%20de%20Desjardins%20%3A%20Probl%C3%A8mes%20g%C3%A9n%C3%A9raux%20avec%20Internet&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAAB~&jid=24154487&gjid=1206363142&cid=816643887.1545331331&tid=UA-5883024-9&_gid=1895930949.1545331331&_r=1&z=118245738

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set message-de-desjardins-t16572.html Show response
911ordi.com/ 40 KB
10 KB 364ms
253ms Document
text/html 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: e6cee0115fddb21d54dd1f19b303334292fbedcf49b23b22211d054303503c13

Request headers

Host: 911ordi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Thu, 20 Dec 2018 18:36:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, no-cache="set-cookie"
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: phpbb3_pe76w_u=1; expires=Fri, 20-Dec-2019 18:36:21 GMT; path=/; domain=911ordi.com; HttpOnly phpbb3_pe76w_k=; expires=Fri, 20-Dec-2019 18:36:21 GMT; path=/; domain=911ordi.com; HttpOnly phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6; expires=Fri, 20-Dec-2019 18:36:21 GMT; path=/; domain=911ordi.com; HttpOnly
X-Powered-By: PleskLin

GET
H/1.1 200
OK merge.119694.js Show response
cdn.districtm.ca/merge/ 95 KB
23 KB 29ms
17ms Script
application/x-javascript 2606:4700::6811:1042
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.districtm.ca/merge/merge.119694.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 2606:4700::6811:1042 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e89bc6a1434075c8356ba6f16f3099a2ecf987a95b970771cd8325ab251cf6ce

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:42:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: 34C69EB2C72759DA
Cf-Polished: origSize=97356
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
x-amz-id-2: YElK/zH4E7+s6hpkDhdjiv4OMPYxFwJfyH3zlUS0/2Gf68Lo8iHcpRV355+Ep2TIV11iMmQefsk=
Last-Modified: Tue, 14 Aug 2018 20:46:20 GMT
Server: cloudflare
ETag: W/"403370fe232da8166253b62704771de8"
Vary: Accept-Encoding
x-amz-version-id: bt2vUlgwKmcZxUXvv9JZjT3eVecDDkKC
Cf-Bgj: minify
Cache-Control: public, max-age=14400
CF-RAY: 48c43f4da5106481-FRA
Expires: Thu, 20 Dec 2018 22:42:10 GMT

GET
H/1.1 200
OK forum_fn.js Show response
911ordi.com/styles/absolution/template/ 9 KB
9 KB 462ms
94ms Script
application/x-javascript 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/template/forum_fn.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: ce10204ee33cb2f60416db7cb99e73c83554408668f9805640283d95864286b3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:21 GMT
ETag: "960fee-23c0-4dc0d23ca7900"
Last-Modified: Mon, 06 May 2013 14:01:40 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9152

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
911ordi.com/styles/absolution/template/ 92 KB
92 KB 480ms
95ms Script
application/x-javascript 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/template/jquery-1.7.1.min.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:21 GMT
ETag: "96104b-16eac-4dc0d23d9bb40"
Last-Modified: Mon, 06 May 2013 14:01:41 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93868

GET
H/1.1 200
OK jquery.tipsy.js Show response
911ordi.com/styles/absolution/template/ 7 KB
7 KB 683ms
91ms Script
application/x-javascript 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/template/jquery.tipsy.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: ff261a314f41ba1d8cf558cfb330130bce09e3f0ecf812c61f05b3b80d0e8bcb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:21 GMT
ETag: "961022-1cdd-4dc0d23d9bb40"
Last-Modified: Mon, 06 May 2013 14:01:41 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7389

GET
H/1.1 200
OK jquery.hoverIntent.min.js Show response
911ordi.com/styles/absolution/template/ 1 KB
2 KB 846ms
91ms Script
application/x-javascript 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/template/jquery.hoverIntent.min.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: d24a2e5db8c476184f3f4b28fe5be7cfd159c276d1f58af244d72de55d5dee16

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "961033-5b8-4dc0d23d9bb40"
Last-Modified: Mon, 06 May 2013 14:01:41 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1464

GET
H/1.1 200
OK jquery.cookie.js Show response
911ordi.com/styles/absolution/template/ 4 KB
4 KB 864ms
92ms Script
application/x-javascript 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/template/jquery.cookie.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960fe9-1096-4dc0d23d9bb40"
Last-Modified: Mon, 06 May 2013 14:01:41 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4246

GET
H/1.1 200
OK jquery.collapse.js Show response
911ordi.com/styles/absolution/template/ 5 KB
6 KB 937ms
91ms Script
application/x-javascript 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/template/jquery.collapse.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: b59c74eccf9e6a0421fa96e187688eebff669cfd86cf3fa5508eb4693c7ea9b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "961010-15d6-4dc0d23d9bb40"
Last-Modified: Mon, 06 May 2013 14:01:41 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5590

GET
H/1.1 200
OK style.php
911ordi.com/ 83 KB
17 KB 193ms
113ms Stylesheet
text/css 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 6ff6152d0e8f440c96701fe75f45befad3eaf8de513fa99c0b40f10086bdad70

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:21 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 27 Dec 2018 18:36:21 GMT

GET
H/1.1 200
OK normal.css
911ordi.com/styles/absolution/theme/ 65 B
378 B 363ms
91ms Stylesheet
text/css 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/theme/normal.css
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: e62bc1a9cb43f1d1dcc8e20c1c5372b9164a6034851d08df7767e7a2ed2ee520

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:21 GMT
Content-Encoding: gzip
ETag: "960efc-41-4dc0d24cddf40"
Last-Modified: Mon, 06 May 2013 14:01:57 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67

GET
H/1.1 200
OK moncss911.css
911ordi.com/styles/absolution/theme/ 541 B
661 B 380ms
100ms Stylesheet
text/css 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/theme/moncss911.css
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 4f2454b92be73806078b0a1ea53ff2826ec4c0d822424818bd301c208c8427c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: phpbb3_pe76w_u=1; phpbb3_pe76w_k=; phpbb3_pe76w_sid=83f5ffc4a9729a3b10410d6c9ba751a6
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:21 GMT
Content-Encoding: gzip
ETag: "960ef7-21d-56b9c3bafcb00"
Last-Modified: Mon, 07 May 2018 11:47:24 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 348

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 28 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "27 / 973 of 1000 / last-modified: 1544734874"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9687
x-xss-protection: 1; mode=block
expires: Thu, 20 Dec 2018 18:42:10 GMT

GET
H/1.1 200
OK logo.png
911ordi.com/styles/absolution/imageset/ 5 KB
5 KB 365ms
92ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/imageset/logo.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 9a02f1f6c6adf83a1b16d82c76c7a0b14f11bb70d95141c2bc5bece57699bd4b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960fdb-12de-4e5a4f20a4840"
Last-Modified: Thu, 05 Sep 2013 15:55:05 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4830

GET
H/1.1 200
OK logo-insertech.png
911ordi.com/styles/absolution/imageset/ 5 KB
6 KB 285ms
101ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/imageset/logo-insertech.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: caabc9ec9f146dea878149271032f228671152d4ac184d8c7eda8eadbd141b69

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f7e-15aa-4e61c6ef70d80"
Last-Modified: Wed, 11 Sep 2013 14:28:22 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5546

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 74D4 0
0 144ms
102ms Document
text/html 2606:4700:30::681c:12e8
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.districtm.ca
URL: http://cdn.districtm.ca/merge/merge.119694.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:12e8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://911ordi.com/message-de-desjardins-t16572.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://911ordi.com/message-de-desjardins-t16572.html

Response headers

status: 200
date: Thu, 20 Dec 2018 18:42:10 GMT
content-type: text/html
set-cookie: __cfduid=d6c3e84c9fa674d79d7f29e359b1698bd1545331330; expires=Fri, 20-Dec-19 18:42:10 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified: Wed, 22 Aug 2018 21:49:26 GMT
cache-control: s-maxage=1209600, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 48c43f4e3f1b9732-FRA
content-encoding: br

GET
H/1.1 200
OK votre-site-article.png
francoischarron.com/images/ 57 KB
57 KB 776ms
314ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://francoischarron.com/images/votre-site-article.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_256_CBC
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 90bced934654a9a543c5f79ec2e6486e624eac2761a5a0420fad73a4a30e11ae

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
Last-Modified: Tue, 13 Feb 2018 17:04:53 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "5a831ab5-e38e"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58254
Expires: Fri, 20 Dec 2019 18:36:22 GMT

GET
H/1.1 200
OK nav-home.png
911ordi.com/styles/absolution/theme/images/ 3 KB
3 KB 93ms
92ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/nav-home.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 5a80bf7ba459374b6b6158ed2748ab9e5ef73ecc7953a5ebe2e3248512415611

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f33-cee-4dc0d24a01880"
Last-Modified: Mon, 06 May 2013 14:01:54 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3310

GET
H/1.1 200
OK key.png
911ordi.com/styles/absolution/theme/images/ 612 B
879 B 178ms
92ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/key.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f06-264-4dc0d24a01880"
Last-Modified: Mon, 06 May 2013 14:01:54 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 612

GET
H/1.1 200
OK add.png
911ordi.com/styles/absolution/theme/images/ 733 B
1000 B 184ms
92ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/add.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: c06a52df3361df380a02a45159a0858d6f7cd8cbc3f71ff732a65d6c25ea6af6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f5b-2dd-4dc0d24630f80"
Last-Modified: Mon, 06 May 2013 14:01:50 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 733

GET
H/1.1 200
OK search.png
911ordi.com/styles/absolution/theme/images/ 845 B
1 KB 281ms
103ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/search.png
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 91fc8f576a48b8ced7def2bb95734f27435da813847be91aec8f68065a28e3cb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f47-34d-4dc0d24be9d00"
Last-Modified: Mon, 06 May 2013 14:01:56 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 845

GET
H/1.1 200
OK icon_post_target.gif
911ordi.com/styles/absolution/imageset/ 186 B
452 B 281ms
92ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/imageset/icon_post_target.gif
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 5fac438312a886e6888dce6c2b03cc7446c6ebc1ef257cb1af0fbff8c57c7091

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960fbe-ba-4dc0d238d7000"
Last-Modified: Mon, 06 May 2013 14:01:36 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186

GET
H/1.1 200
OK file.php
911ordi.com/download/ 11 KB
11 KB 674ms
107ms Image
image/jpeg 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/download/file.php?avatar=878_1542578761.jpg
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 523b6a37b020e845b67cb68fd3f3bcd5f72a4f33b8073de4086696c844f40c87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Dec 2018 18:36:23 GMT
Last-Modified: Sun, 18 Nov 2018 22:06:01 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/jpeg
Content-Disposition: inline; filename=878.jpg
Connection: keep-alive
Content-Length: 10949
Expires: Fri, 20 Dec 2019 18:36:23 GMT

GET
H/1.1 200
OK expertduforum-admin.gif
911ordi.com/images/ranks/ 2 KB
2 KB 664ms
95ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/images/ranks/expertduforum-admin.gif
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 90a8253971ca3ea9afa9524eb6739fe0086adadf1df605039f89e8de3448bfae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
ETag: "9600bb-69d-4e722acfcde00"
Last-Modified: Tue, 24 Sep 2013 15:20:24 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1693

GET
H/1.1 200
OK icon_lol.gif
911ordi.com/images/smilies/ 336 B
603 B 609ms
93ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/images/smilies/icon_lol.gif
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 1134a1ae0697163c35f8a6ee6fef5bbb0b51e38a9f6cf512f0d25c643fabb537

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
ETag: "96053c-150-4dbc0a3bb2f80"
Last-Modified: Thu, 02 May 2013 18:45:34 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 336

GET
H/1.1 200
OK icon_wink.gif
911ordi.com/images/smilies/ 170 B
436 B 665ms
91ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/images/smilies/icon_wink.gif
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 21dcff282765d08eb60d38303440a79a64089544c9340b10fe01884b53846b56

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
ETag: "960525-aa-4dbc0a3ca71c0"
Last-Modified: Thu, 02 May 2013 18:45:35 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170

GET
H/1.1 200
OK insertech-2014.jpg
www.francoischarron.com/datascontent/ 103 KB
104 KB 7890ms
311ms Image
image/jpeg 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.francoischarron.com/datascontent/insertech-2014.jpg
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_256_CBC
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: da02d09ac4463dfdd026e0572e938c3f7fb1f6049f330694f89792e740914a42

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:29 GMT
Last-Modified: Thu, 05 Mar 2015 19:26:39 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "54f8adef-19de7"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105959
Expires: Fri, 20 Dec 2019 18:36:29 GMT

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/340/ 3 KB
2 KB 1810ms
8ms Script
text/javascript 143.204.101.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/340/freeskreen.min.js
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.16 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-16.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b71fe9eaf4f4a474bf7c3479d0d24d1e93d5b65b1aa3399b2a31b0e83bdfc48d

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 4xN6c50nzPOlNlvTNm.1bmquyS4nbVIb
Content-Encoding: gzip
Last-Modified: Sat, 26 May 2018 05:48:24 GMT
Server: AmazonS3
Age: 80105
ETag: "8b73ac3dc59a2818c148bc6a768caf32"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Date: Wed, 19 Dec 2018 20:27:07 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1186
X-Amz-Cf-Id: PvT9qVuzTvBm2c1gL_B3oQzONEy5vq9gVgUAVY_UXscqG5a7eNZj4w==

GET
H/1.1 200
OK print.css
911ordi.com/styles/absolution/theme/ 3 KB
1 KB 192ms
97ms Stylesheet
text/css 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/theme/print.css
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: c201a9c391556df570bc7cefc635da41aa6cbc977b245046b3a80acd1af7f7de

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false; _ga=GA1.2.816643887.1545331331; _gid=GA1.2.1895930949.1545331331; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
Content-Encoding: gzip
ETag: "960f67-c0f-4dc0d24cddf40"
Last-Modified: Mon, 06 May 2013 14:01:57 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1161

GET
H/1.1 200
OK medium.css
911ordi.com/styles/absolution/theme/ 65 B
378 B 190ms
97ms Stylesheet
text/css 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/theme/medium.css
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: a3b4d808cb4d7d615cf646382ec0aeaedd44834076bb6690a44b223ce4efb03c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false; _ga=GA1.2.816643887.1545331331; _gid=GA1.2.1895930949.1545331331; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
Content-Encoding: gzip
ETag: "960f69-41-4dc0d24cddf40"
Last-Modified: Mon, 06 May 2013 14:01:57 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67

GET
H/1.1 200
OK large.css
911ordi.com/styles/absolution/theme/ 65 B
378 B 257ms
88ms Stylesheet
text/css 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: http://911ordi.com/styles/absolution/theme/large.css
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 3c7832f718e86bbf82de6f93e9425f217ab952b8fb51ffa9849782791082dcc4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Cookie: dmxRegion=false; _ga=GA1.2.816643887.1545331331; _gid=GA1.2.1895930949.1545331331; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
Content-Encoding: gzip
ETag: "960efa-41-4dc0d24cddf40"
Last-Modified: Mon, 06 May 2013 14:01:57 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 1675
date: Thu, 20 Dec 2018 18:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Thu, 20 Dec 2018 20:14:16 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 5277 0
0 103ms
103ms Document
text/html 2606:4700:30::681c:12e8
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: cdn.districtm.ca
URL: http://cdn.districtm.ca/merge/merge.119694.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:12e8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://911ordi.com/message-de-desjardins-t16572.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://911ordi.com/message-de-desjardins-t16572.html

Response headers

status: 200
date: Thu, 20 Dec 2018 18:42:11 GMT
content-type: text/html
set-cookie: __cfduid=daf5f13a19e97ca7dab28bb56eb4043cc1545331331; expires=Fri, 20-Dec-19 18:42:11 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified: Wed, 22 Aug 2018 21:49:26 GMT
cache-control: s-maxage=1209600, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 48c43f542a7d9732-FRA
content-encoding: br

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=911ordi.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 21ms
20ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=911ordi.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
63 KB 51ms
50ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Thu, 20 Dec 2018 18:42:11 GMT

GET
H/1.1 200
OK bodybg.gif
911ordi.com/styles/absolution/theme/images/ 1 KB
2 KB 232ms
91ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/bodybg.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 42ffed5a537ef6cc358dfbce6ab65224af706115202b791819045f557358042c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f4a-524-4dc0d24630f80"
Last-Modified: Mon, 06 May 2013 14:01:50 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1316

GET
H/1.1 200
OK noise.png
911ordi.com/styles/absolution/theme/images/ 5 KB
6 KB 236ms
91ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/noise.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: a4c0365761b33db283f1671730ffa018dab9b2ca8e87faa8e087cbaf88657b00

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f40-1592-4dc0d24af5ac0"
Last-Modified: Mon, 06 May 2013 14:01:55 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5522

GET
H/1.1 200
OK nav-wrappers.png
911ordi.com/styles/absolution/theme/images/ 4 KB
4 KB 145ms
93ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/nav-wrappers.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: c17e8aaa314c39b3e58c64d2ba03c0ac7237a04c801e349f844b74582cd919bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f35-eeb-4dc0d24af5ac0"
Last-Modified: Mon, 06 May 2013 14:01:55 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3819

GET
H/1.1 200
OK nav-m.gif
911ordi.com/styles/absolution/theme/images/ 318 B
585 B 272ms
92ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/nav-m.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: bf9a6279fa50f865f6be5556992a6f73f3a2e8b8da3f773c59af87eee2d1cf67

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f42-13e-4dc0d24a01880"
Last-Modified: Mon, 06 May 2013 14:01:54 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 318

GET
H/1.1 200
OK navbg.gif
911ordi.com/styles/absolution/theme/images/ 800 B
1 KB 366ms
92ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/navbg.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: fd3fbe705f8799ce472b679f677920c45065dd4e0837679115ebae1a252dea9d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f15-320-4e5a372206c00"
Last-Modified: Thu, 05 Sep 2013 14:07:44 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 800

GET
H/1.1 200
OK divider.gif
911ordi.com/styles/absolution/theme/images/ 58 B
323 B 180ms
91ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/divider.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: f8e00e1028f605a8708b9b3077bad35c6b645311c92563618b380407435e206d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f25-3a-4dc0d24819400"
Last-Modified: Mon, 06 May 2013 14:01:52 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58

GET
H/1.1 200
OK button_topic_reply.gif
911ordi.com/styles/absolution/imageset/fr/ 3 KB
3 KB 415ms
91ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/imageset/fr/button_topic_reply.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 990de8a0e6828553880955b6d70624f6c832a23f81766ca8ad542b68d7070c37

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960fa9-c3d-4e60c1418ac80"
Last-Modified: Tue, 10 Sep 2013 18:57:38 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3133

GET
H/1.1 200
OK formbg.gif
911ordi.com/styles/absolution/theme/images/ 152 B
418 B 424ms
94ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/formbg.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 65842df4ebe1ea71e7eddb7a7918baa7041b66713266a9ab85fe0dac33f4dc7e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f16-98-4dc0d24819400"
Last-Modified: Mon, 06 May 2013 14:01:52 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152

GET
H/1.1 200
OK buttonbg.png
911ordi.com/styles/absolution/theme/images/ 3 KB
3 KB 141ms
90ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/buttonbg.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: edac6c2d0958eb6d15704affc2ca289e897b5bdabf1ecb17d9a478a38f1eef73

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f38-b09-4dc0d24630f80"
Last-Modified: Mon, 06 May 2013 14:01:50 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2825

GET
H/1.1 200
OK vtdatebar.png
911ordi.com/styles/absolution/theme/images/ 3 KB
3 KB 323ms
91ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/vtdatebar.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: d67605cb580ef58a066118fc708e3304a7adcd2d994e9b37770bfc3a0272fcba

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f52-b1f-4dc0d24cddf40"
Last-Modified: Mon, 06 May 2013 14:01:57 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2847

GET
H/1.1 200
OK useroffline.png
911ordi.com/styles/absolution/theme/images/ 3 KB
4 KB 330ms
93ms Image
image/png 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/useroffline.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: c70d9e8825b764f2021246c366a9458db9b47637d2ad184f5e94bec786d8bc5b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960f58-dfd-4dc0d24be9d00"
Last-Modified: Mon, 06 May 2013 14:01:56 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3581

GET
H/1.1 200
OK icon_contact_www.gif
911ordi.com/styles/absolution/imageset/ 1 KB
2 KB 458ms
91ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/imageset/icon_contact_www.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: b620f705ef83b596faebf1ef106038ca2b1591fdc2aea04529bc6db02b48e487

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:22 GMT
ETag: "960fc9-573-4dc0d238d7000"
Last-Modified: Mon, 06 May 2013 14:01:36 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1395

GET
H/1.1 200
OK arrow_left.gif
911ordi.com/styles/absolution/theme/images/ 111 B
377 B 195ms
92ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/arrow_left.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: bcac67cd877eb8a6c6238a92458da2ee11ac2981de0633d1925598aa01a322cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false; _ga=GA1.2.816643887.1545331331; _gid=GA1.2.1895930949.1545331331; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
ETag: "960f62-6f-4dc0d24630f80"
Last-Modified: Mon, 06 May 2013 14:01:50 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111

GET
H/1.1 200
OK footerlight.gif
911ordi.com/styles/absolution/theme/images/ 76 KB
76 KB 185ms
88ms Image
image/gif 64.34.148.133
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://911ordi.com/styles/absolution/theme/images/footerlight.gif
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 64.34.148.133 New York, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS: francoischarron.com
Software: nginx / PleskLin
Resource Hash: 00fecf191de715d63dd5eb95e3d41142e23cefa43b7ecf2a9ad750c92aabd58c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
Cookie: dmxRegion=false; _ga=GA1.2.816643887.1545331331; _gid=GA1.2.1895930949.1545331331; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://911ordi.com/style.php?id=3&lang=fr&sid=83f5ffc4a9729a3b10410d6c9ba751a6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:36:23 GMT
ETag: "960f0f-12f77-4dc0d24819400"
Last-Modified: Mon, 06 May 2013 14:01:52 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77687

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=1167968520&t=pageview&_s=1&dl=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&ul=en-us&de=UTF-8&dt=911%20Ordi%20%E2%80%A2%20messa...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1167968520&t=pageview&_s=1&dl=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&ul=en-us&de=UTF-8&dt=911%20Ordi%20%E2%80%A2%20mess...

35 B
111 B

14ms
13ms

Image
image/gif

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1167968520&t=pageview&_s=1&dl=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&ul=en-us&de=UTF-8&dt=911%20Ordi%20%E2%80%A2%20message%20de%20Desjardins%20%3A%20Probl%C3%A8mes%20g%C3%A9n%C3%A9raux%20avec%20Internet&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAAB~&jid=24154487&gjid=1206363142&cid=816643887.1545331331&tid=UA-5883024-9&_gid=1895930949.1545331331&_r=1&z=118245738

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Dec 2018 18:42:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1167968520&t=pageview&_s=1&dl=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&ul=en-us&de=UTF-8&dt=911%20Ordi%20%E2%80%A2%20message%20de%20Desjardins%20%3A%20Probl%C3%A8mes%20g%C3%A9n%C3%A9raux%20avec%20Internet&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAAB~&jid=24154487&gjid=1206363142&cid=816643887.1545331331&tid=UA-5883024-9&_gid=1895930949.1545331331&_r=1&z=118245738
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 163 B
1 KB 138ms
111ms Script
application/javascript 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/jpt?callback=districtmHeader.ssp.appnexus.handleAppNexusCallback&callback_uid=8DMbn7KITgvi4PD1qcu1kCBxfFR2YN~450~div-gpt-ad-1525685330299-0&psa=0&zone=450&id=12548751&member_id=1908&size=970x250&promo_sizes=970x90,320x50&referrer=http://911ordi.com/message-de-desjardins-t16572.html

Requested by

Host: cdn.districtm.ca
URL: http://cdn.districtm.ca/merge/merge.119694.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

204980ce37ab4919d0b9c77210be7e25d83bcb5c4507817645b5343c236e5bd9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Dec 2018 18:42:13 GMT
AN-X-Request-Uuid: 5508e8c0-dc87-4ea9-8db9-efba7215b7c1
Content-Type: application/javascript; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.142.26.203; 185.142.26.203; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.135:80
Content-Length: 163
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 163 B
1 KB 206ms
67ms Script
application/javascript 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/jpt?callback=districtmHeader.ssp.appnexus.handleAppNexusCallback&callback_uid=zSAEqmLezh4rqg1pIiOOnYvoD6pRQn~451~div-gpt-ad-1525685330299-1&psa=0&zone=451&id=12548752&member_id=1908&size=300x250&promo_sizes=300x600&referrer=http://911ordi.com/message-de-desjardins-t16572.html

Requested by

Host: cdn.districtm.ca
URL: http://cdn.districtm.ca/merge/merge.119694.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

de0e144e61a08279c887d0a6c637e408119a14800cef4b65d99482b09c96cedd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Dec 2018 18:42:13 GMT
AN-X-Request-Uuid: dbac9b30-a10e-47f5-9005-4bccd90613b5
Content-Type: application/javascript; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.142.26.203; 185.142.26.203; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
Content-Length: 163
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 163 B
1 KB 230ms
27ms Script
application/javascript 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/jpt?callback=districtmHeader.ssp.appnexus.handleAppNexusCallback&callback_uid=TdGE9nnWMRXIoSCVpTt0f0yM3QpQsX~452~div-gpt-ad-1525685330299-2&psa=0&zone=452&id=12548753&member_id=1908&size=300x250&promo_sizes=300x600&referrer=http://911ordi.com/message-de-desjardins-t16572.html

Requested by

Host: cdn.districtm.ca
URL: http://cdn.districtm.ca/merge/merge.119694.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ea2b80d57bc3dedf74852e19411159866e4e5e46378f7f6e0c3aa17201442ed0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Dec 2018 18:42:13 GMT
AN-X-Request-Uuid: 63780433-57eb-4e9b-9ca7-ae2768cd1056
Content-Type: application/javascript; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.142.26.203; 185.142.26.203; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.183:80
Content-Length: 163
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 163 B
1 KB 289ms
58ms Script
application/javascript 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/jpt?callback=districtmHeader.ssp.appnexus.handleAppNexusCallback&callback_uid=FrgMeJeJcc8S4Ru1OUe1oULpHqhOaZ~453~div-gpt-ad-1525685330299-3&psa=0&zone=453&id=12548754&member_id=1908&size=970x250&promo_sizes=970x90,320x50&referrer=http://911ordi.com/message-de-desjardins-t16572.html

Requested by

Host: cdn.districtm.ca
URL: http://cdn.districtm.ca/merge/merge.119694.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ef198f3d7944514b0d5afe39ad4d73e5bada4040fd68ae19a75429151c3cdfc5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Dec 2018 18:42:13 GMT
AN-X-Request-Uuid: 1ef8b682-7cb0-4647-be3e-380aa8b5f6e7
Content-Type: application/javascript; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.142.26.203; 185.142.26.203; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.207:80
Content-Length: 163
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
21 KB 224ms
223ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1290515059032432&correlator=2222065252866915&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062068%2C21062576%2C21062818&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu_parts=3755332%2C911ordi_leaderboard_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C768x90&prev_scp=Position%252FMapping%3Dlb_atf&eri=1&cookie_enabled=1&bc=7&abxe=1&lmt=1545331332&dt=1545331332442&dlt=1545331330164&idt=1314&frm=20&biw=1585&bih=1200&oid=3&adxs=171&adys=273&adks=3939857950&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&dssz=29&icsg=22833787560&mso=32&std=0&vis=1&scr_x=0&scr_y=0&psz=960x-1&ga_vid=816643887.1545331331&ga_sid=1545331332&ga_hid=1167968520&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

cc8a72a4d9e2a0a44402c6a319a0eefcfd9de67bda21f94a1147fd7cac5e2573

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17486614803097918854/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17486614803097918854/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-ki-mHr98CFeVYFQgdb1EHMw&gqi=&layout=/sadbundle/%24csp%253Der3%24/17486614803097918854/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Origin: http://911ordi.com

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17486614803097918854/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17486614803097918854/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-ki-mHr98CFeVYFQgdb1EHMw&gqi=&layout=/sadbundle/%24csp%253Der3%24/17486614803097918854/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21251
x-xss-protection: 1; mode=block
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 20 Dec 2018 18:42:12 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://911ordi.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ 57 KB
22 KB 41ms
40ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Thu, 20 Dec 2018 18:42:12 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 14ms
6ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
9 KB 200ms
200ms XHR
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1290515059032432&correlator=3067254725765084&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062068%2C21062576%2C21062818&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu_parts=3755332%2C911ordi_300_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=Position%252FMapping%3Dbb_atf&eri=1&cookie_enabled=1&bc=7&abxe=1&lmt=1545331332&dt=1545331332555&dlt=1545331330164&idt=1314&frm=20&biw=1585&bih=1200&oid=3&adxs=1138&adys=273&adks=2224104541&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F911ordi.com%2Fmessage-de-desjardins-t16572.html&dssz=29&icsg=160272741032&mso=32&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1&ga_vid=816643887.1545331331&ga_sid=1545331332&ga_hid=1167968520&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

026fa849b9a713ebd78136895634d57e6fac3be05b727b17d9ad70499fdc82b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Origin: http://911ordi.com

Response headers

date: Thu, 20 Dec 2018 18:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8907
x-xss-protection: 1; mode=block
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://911ordi.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame A58E 0
0 16ms
7ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://911ordi.com/message-de-desjardins-t16572.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://911ordi.com/message-de-desjardins-t16572.html

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 1737
Date: Thu, 20 Dec 2018 07:06:23 GMT
Expires: Fri, 20 Dec 2019 07:06:23 GMT
Last-Modified: Thu, 01 Nov 2018 14:23:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 41750

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 71 KB
27 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 20 Dec 2018 18:26:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
Age: 948
ETag: 10366987592970477111
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 26696
X-XSS-Protection: 1; mode=block
Expires: Thu, 20 Dec 2018 19:26:24 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011812051624460/ 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f5a1ce1e8d7115ab62a8270aa6c91276761d22291ac6d3a90b282c9888d87b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 204590
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7754
x-xss-protection: 1; mode=block
server: sffe
date: Tue, 18 Dec 2018 09:52:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858d6f79c108609a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 09:52:22 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011812051624460/ Frame 3839 268 KB
85 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 685985
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 86897
x-xss-protection: 1; mode=block
server: sffe
date: Wed, 12 Dec 2018 20:09:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "492d4f08a6978e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2019 20:09:07 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 3839 129 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 126518
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 41338
x-xss-protection: 1; mode=block
server: sffe
date: Wed, 19 Dec 2018 07:33:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87cac6d139ce71e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2019 07:33:34 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 3839 3 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 137399
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1602
x-xss-protection: 1; mode=block
server: sffe
date: Wed, 19 Dec 2018 04:32:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08ba1591bee48831"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2019 04:32:13 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 3839 35 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 165387
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 12653
x-xss-protection: 1; mode=block
server: sffe
date: Tue, 18 Dec 2018 20:45:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c6931f03758769d2"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 20:45:45 GMT

GET
DATA 200
OK truncated
/ Frame 3839 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3e98114bf7b6b4b3e213ae66d28ff0da8ea417ec6d2b34a7a0aa491628c8545

Request headers

Response headers

Content-Type: image/png

GET
H2 200 14435288930676118722
tpc.googlesyndication.com/simgad/ Frame 3839 121 KB
121 KB 8ms
8ms Image
image/gif 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14435288930676118722

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c521bb88cd7c92235c84568dfe36f5328d948b0014d0d7a283a0c17a78dcc824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:18:01 GMT
x-content-type-options: nosniff
age: 1451
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 123470
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Sep 2018 11:11:44 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2019 18:18:01 GMT

GET
H2 200 fr.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3839 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:37:50 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 262
etag: 12021612326893382710
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2724
x-xss-protection: 1; mode=block
expires: Fri, 21 Dec 2018 18:37:50 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3839 295 B
371 B 6ms
5ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 20 Dec 2018 18:11:39 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 1833
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 295
x-xss-protection: 1; mode=block
expires: Fri, 21 Dec 2018 18:11:39 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3839 0
254 B 117ms
117ms Image
text/html 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAHYVhOIbXISFJaOCmwek9rqICqLiodNUxtOwuOwHsJAfEAEgrNazA2CVgoCAlAegAfGD_ZUDyAED4AIAqAMByAMIqgTxAU_Q3AboL3XwaWB1JUwgNXfQWac39cNrqCff-3etfyM7KOb8z6ILv3EQKRksPI3AXVhqgrhbJFEANcFPVP2SPQ6zXrUd2cffe4c8_0zMYxqSiKe43N6wLMu5dxpeB9kTT4h5hxnux1tYliO4P8mTQrxBuq9bhAMUdMOl0IhDzmw2PXbCAzYcBLBpwZb3OxFIZZZI_eANpRJVD_w8vTRC8w0qohgYNF2HXUKOz7xcRWh5YCHqXwjYM_3Vm0386lvdmjFLtMSLlLbNFxvcks1JD4mH7vVSp35PJ9ZzsIQyJ0GQq17zoNulKIzF928X4Ne2-hnABM6E8ITcAeAEAZIFBAgEGAGSBQQIBRgEoAYDgAfzgfVuqAeOzhuoB9XJG6gHqAaoB9nLG6gHz8wbqAemvhvYBwHyBwQQuKcF0ggJCIDhgHAQARgBgAoB2BMC&sigh=LtIr0Wf3NZI&tpd=AGWhJmsoEod2GEKihMJnz8bSIwnjt5i4AEHaIWsB-VbNydaVcw
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK script.js Show response
sb.freeskreen.com/publisher/ 63 KB
19 KB 1136ms
78ms Script
text/html 52.17.98.197
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sb.freeskreen.com/publisher/script.js?bai=340&ut=&uts=&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/340/freeskreen.min.js
Protocol: HTTP/1.1
Server: 52.17.98.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-98-197.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3e06a85a22837d71d08b2e972ba3636e613cbe3f5fe864aadc0292cf0be32825

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Dec 2018 18:42:14 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Content-Length: 19052
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3839
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
165 B

16ms
15ms

Image
text/html

2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date: Thu, 20 Dec 2018 18:42:13 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK BKbw8QbaYe.js Show response
static.freeskreen.com/scm/js/ 3 KB
1 KB 9ms
8ms Script
application/javascript 143.204.101.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/scm/js/BKbw8QbaYe.js
Requested by: Host: sb.freeskreen.com
URL: http://sb.freeskreen.com/publisher/script.js?bai=340&ut=&uts=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.16 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-16.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bab864a76c3a8dd50d682c4fab2dee4f4fe66f0ebe609a03716bc4d33ec6d796

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: mxAh8DMn3WKke_FclwzLwE25nZ_uSk1X
Content-Encoding: gzip
Last-Modified: Mon, 11 Jun 2018 09:30:38 GMT
Server: AmazonS3
Age: 80705
ETag: "2067fdf42abfa0fc88806762d1a9e067"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Date: Wed, 19 Dec 2018 20:17:10 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 763
X-Amz-Cf-Id: UCsIr_iNjgulEVjlsvYEubfRmuboWE0ND8l6e6NRoGAXZtIpEf5Yjg==

GET
H/1.1 200
OK t.gif
sb.freeskreen.com/ Frame 9315 43 B
355 B 33ms
33ms Image
image/gif 52.17.98.197
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sb.freeskreen.com/t.gif?tm=1545331334&p=3497&c=4153&ttm=1545331334185&s=&d=&v=&t=50eea981-dcee-48bf-a388-9d1bdff661c0&co=DE&pr=DE-HE&ci=Frankfurt%20am%20Main&dm=null&flc=null&slc=null&e=AdOpened&m=2&x=null
Requested by: Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html
Protocol: HTTP/1.1
Server: 52.17.98.197 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-98-197.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Dec 2018 18:42:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
Cache-control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: -1

POST
H/1.1 200
OK s.gif Show response
sb.freeskreen.com/ 0
334 B 81ms
36ms XHR
image/gif 52.31.111.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sb.freeskreen.com/s.gif
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/scm/js/BKbw8QbaYe.js
Protocol: HTTP/1.1
Server: 52.31.111.62 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-31-111-62.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
Origin: http://911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 20 Dec 2018 18:42:14 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
Access-Control-Allow-Origin: http://911ordi.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame 3839 2 B
64 B 115ms
115ms XHR
text/plain 2a00:1450:4001:81b::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:81b::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
Origin: http://911ordi.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 20 Dec 2018 18:42:14 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3839 42 B
116 B 31ms
30ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7oXZnnbkXE7w3Jf9HuoTkkfxltyhIQCDtBbI6t7UXoHi7-N1yUPkcONV2O7rBh0mIEoaaLkrrfglYAKLCG4axt5-wuUjeFOXvPAHAHrFWN0OGHhGDeA&sai=AMfl-YToW2Qge4v6jFeAHiLlZ3p1sLzyKHfH0VDNzzgXJxiF2n5AsxCvTi3Eqkb9mmp43bvdvuAnj8gJ7AOCoVhJXsqAWRANGW1gEOzcBEsyaw&sig=Cg0ArKJSzB9u-rsq7jkmEAE&id=ampim&o=1138,273&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=445&tls=1448&g=100&h=100&pt=31&tt=1449&rpt=31&rst=1545331332552&r=v&adk=2224104541&avms=ampa

Requested by

Host: 911ordi.com
URL: http://911ordi.com/message-de-desjardins-t16572.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://911ordi.com/message-de-desjardins-t16572.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Dec 2018 18:42:14 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 549) Message: Powered by AMP ⚡ HTML – Version 1812051624460
console-api	error	URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 146) Message: localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

911ordi.com
adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
cdn.ampproject.org
cdn.districtm.ca
cdn.districtm.io
francoischarron.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
sb.freeskreen.com
securepubads.g.doubleclick.net
static.freeskreen.com
tpc.googlesyndication.com
www.francoischarron.com
www.google-analytics.com
www.google.com
www.googletagservices.com
143.204.101.16
172.217.18.98
2606:4700:30::681c:12e8
2606:4700::6811:1042
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:815::2002
2a00:1450:4001:81b::2014
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2001
2a00:1450:4001:825::2001
2a00:1450:4001:825::2002
37.252.172.40
52.17.98.197
52.31.111.62
64.34.148.133
00fecf191de715d63dd5eb95e3d41142e23cefa43b7ecf2a9ad750c92aabd58c
026fa849b9a713ebd78136895634d57e6fac3be05b727b17d9ad70499fdc82b9
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
0f0ed284afcf94f728410e720ca9ac84107d90a676864c780b0a3ddd70d8e58b
1134a1ae0697163c35f8a6ee6fef5bbb0b51e38a9f6cf512f0d25c643fabb537
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
204980ce37ab4919d0b9c77210be7e25d83bcb5c4507817645b5343c236e5bd9
21dcff282765d08eb60d38303440a79a64089544c9340b10fe01884b53846b56
3c7832f718e86bbf82de6f93e9425f217ab952b8fb51ffa9849782791082dcc4
3e06a85a22837d71d08b2e972ba3636e613cbe3f5fe864aadc0292cf0be32825
42ffed5a537ef6cc358dfbce6ab65224af706115202b791819045f557358042c
4f2454b92be73806078b0a1ea53ff2826ec4c0d822424818bd301c208c8427c1
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
523b6a37b020e845b67cb68fd3f3bcd5f72a4f33b8073de4086696c844f40c87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1
5a80bf7ba459374b6b6158ed2748ab9e5ef73ecc7953a5ebe2e3248512415611
5fac438312a886e6888dce6c2b03cc7446c6ebc1ef257cb1af0fbff8c57c7091
65842df4ebe1ea71e7eddb7a7918baa7041b66713266a9ab85fe0dac33f4dc7e
6ff6152d0e8f440c96701fe75f45befad3eaf8de513fa99c0b40f10086bdad70
749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
90a8253971ca3ea9afa9524eb6739fe0086adadf1df605039f89e8de3448bfae
90bced934654a9a543c5f79ec2e6486e624eac2761a5a0420fad73a4a30e11ae
91fc8f576a48b8ced7def2bb95734f27435da813847be91aec8f68065a28e3cb
990de8a0e6828553880955b6d70624f6c832a23f81766ca8ad542b68d7070c37
9a02f1f6c6adf83a1b16d82c76c7a0b14f11bb70d95141c2bc5bece57699bd4b
9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b4d808cb4d7d615cf646382ec0aeaedd44834076bb6690a44b223ce4efb03c
a3e98114bf7b6b4b3e213ae66d28ff0da8ea417ec6d2b34a7a0aa491628c8545
a4c0365761b33db283f1671730ffa018dab9b2ca8e87faa8e087cbaf88657b00
b59c74eccf9e6a0421fa96e187688eebff669cfd86cf3fa5508eb4693c7ea9b8
b620f705ef83b596faebf1ef106038ca2b1591fdc2aea04529bc6db02b48e487
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b71fe9eaf4f4a474bf7c3479d0d24d1e93d5b65b1aa3399b2a31b0e83bdfc48d
b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14
bab864a76c3a8dd50d682c4fab2dee4f4fe66f0ebe609a03716bc4d33ec6d796
bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf
bcac67cd877eb8a6c6238a92458da2ee11ac2981de0633d1925598aa01a322cf
bf9a6279fa50f865f6be5556992a6f73f3a2e8b8da3f773c59af87eee2d1cf67
c06a52df3361df380a02a45159a0858d6f7cd8cbc3f71ff732a65d6c25ea6af6
c17e8aaa314c39b3e58c64d2ba03c0ac7237a04c801e349f844b74582cd919bb
c201a9c391556df570bc7cefc635da41aa6cbc977b245046b3a80acd1af7f7de
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c521bb88cd7c92235c84568dfe36f5328d948b0014d0d7a283a0c17a78dcc824
c70d9e8825b764f2021246c366a9458db9b47637d2ad184f5e94bec786d8bc5b
caabc9ec9f146dea878149271032f228671152d4ac184d8c7eda8eadbd141b69
cc8a72a4d9e2a0a44402c6a319a0eefcfd9de67bda21f94a1147fd7cac5e2573
ce10204ee33cb2f60416db7cb99e73c83554408668f9805640283d95864286b3
d24a2e5db8c476184f3f4b28fe5be7cfd159c276d1f58af244d72de55d5dee16
d67605cb580ef58a066118fc708e3304a7adcd2d994e9b37770bfc3a0272fcba
d7f5a1ce1e8d7115ab62a8270aa6c91276761d22291ac6d3a90b282c9888d87b
da02d09ac4463dfdd026e0572e938c3f7fb1f6049f330694f89792e740914a42
de0e144e61a08279c887d0a6c637e408119a14800cef4b65d99482b09c96cedd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bc1a9cb43f1d1dcc8e20c1c5372b9164a6034851d08df7767e7a2ed2ee520
e6cee0115fddb21d54dd1f19b303334292fbedcf49b23b22211d054303503c13
e89bc6a1434075c8356ba6f16f3099a2ecf987a95b970771cd8325ab251cf6ce
ea2b80d57bc3dedf74852e19411159866e4e5e46378f7f6e0c3aa17201442ed0
edac6c2d0958eb6d15704affc2ca289e897b5bdabf1ecb17d9a478a38f1eef73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef198f3d7944514b0d5afe39ad4d73e5bada4040fd68ae19a75429151c3cdfc5
f8e00e1028f605a8708b9b3077bad35c6b645311c92563618b380407435e206d
fd3fbe705f8799ce472b679f677920c45065dd4e0837679115ebae1a252dea9d
fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11
ff261a314f41ba1d8cf558cfb330130bce09e3f0ecf812c61f05b3b80d0e8bcb

911ordi.com Open in urlscan Pro 64.34.148.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

76 Requests

36 %HTTPS

67 %IPv6

14 Domains

19 Subdomains

18 IPs

3 Countries

939 kBTransfer

1773 kBSize

0 Cookies

4 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

911ordi.com Open in urlscan Pro
64.34.148.133 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

36 %
HTTPS

67 %
IPv6

14
Domains

19
Subdomains

18
IPs

3
Countries

939 kB
Transfer

1773 kB
Size

0
Cookies

76 HTTP transactions
1 data transactions