Submitted URL: https://storage.googleapis.com/ofwego/Timhortonschristmas.html
Effective URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d3...
Submission: On December 19 via api from CA — Scanned from CA

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3031::ac43:96f6, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is trk-ca.znila.com.
TLS certificate: Issued by E1 on November 9th 2022. Valid for: 3 months.
This is the only time trk-ca.znila.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                  Redirects    Requested by
10        cdn-ca.znila.com        -            trk-ca.znila.com
6         trk.znila.com           -            cdn-ca.znila.com
4         trk-ca.znila.com        2 redirects  trk-ca.znila.com
2         fonts.gstatic.com       -            fonts.googleapis.com
1         cdnjs.cloudflare.com    -            trk-ca.znila.com
1         ajax.googleapis.com     -            trk-ca.znila.com
1         fonts.googleapis.com    -            trk-ca.znila.com
1         trk.kryru.com           1 redirects  -
1         www.deals2cantia.com    1 redirects  -
1         storage.googleapis.com  -            -
Total: 24 requests, 10 domains listed

This site contains no links.

Subject                  Issuer                   Validity                 Valid
storage.googleapis.com   GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
*.znila.com              E1                       2022-11-09 - 2023-02-07  3 months
upload.video.google.com  GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-08-03 - 2023-08-02  a year
*.gstatic.com            GTS CA 1C3               2022-11-28 - 2023-02-20  3 months

This page contains 1 frame:

Primary Page: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Frame ID: D4B3565DF13BC842FF2E3576AA1DAE62
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24 Requests
100 % HTTPS
89 % IPv6
6 Domains
10 Subdomains
7 IPs
2 Countries
304 kB Transfer
396 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/ofwego/Timhortonschristmas.html Page URL
  2. https://www.deals2cantia.com/3D8WB7M/213566SS/ HTTP 302
    https://trk.kryru.com/c83f6552-b511-70af-5b65-8ef522202732/?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&aff_sub= HTTP 302
    https://trk-ca.znila.com/campaign/97ff5f70f9b2b349d698b669725468ab78016ad6?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&aff_sub=&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm HTTP 302
    https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz HTTP 302
    https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Timhortonschristmas.html
storage.googleapis.com/ofwego/
90 B
668 B
Document
General
Full URL
https://storage.googleapis.com/ofwego/Timhortonschristmas.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2010 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d68bea749f6336d0c639fb09336fd99523640b87e97ca535dfea7c50b36c3126

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
90
content-type
text/html
date
Mon, 19 Dec 2022 14:40:18 GMT
etag
"443344cd143746096cc5892c93eef627"
expires
Mon, 19 Dec 2022 15:40:18 GMT
last-modified
Wed, 07 Dec 2022 16:04:40 GMT
server
UploadServer
x-goog-generation
1670429080507605
x-goog-hash
crc32c=s3z+dw== md5=RDNEzRQ3RglsxYksk+72Jw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
90
Primary Request loader_only.php
trk-ca.znila.com/
Redirect Chain
  • https://www.deals2cantia.com/3D8WB7M/213566SS/
  • https://trk.kryru.com/c83f6552-b511-70af-5b65-8ef522202732/?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&aff_sub=
  • https://trk-ca.znila.com/campaign/97ff5f70f9b2b349d698b669725468ab78016ad6?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&aff_sub=&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9...
  • https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=...
  • https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=...
21 KB
7 KB
Document
General
Full URL
https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
1e63ff650bd230e2353a44ecedd6b88f5b709e0e6d9050efd9210221ea8ef82e

Request headers

Referer
https://storage.googleapis.com/ofwego/Timhortonschristmas.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
77c0e4989eae9dff-EWR
content-encoding
br
content-type
text/html
date
Mon, 19 Dec 2022 14:40:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
x-powered-by
PHP/5.4.16

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
77c0e497c96c8c2f-EWR
content-type
text/html
date
Mon, 19 Dec 2022 14:40:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
//trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
x-powered-by
PHP/5.4.16
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:50:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Dec 2022 14:40:22 GMT
clock.svg
cdn-ca.znila.com/prelanders/uk/amz/loyalty/img/
1 KB
1012 B
Image
General
Full URL
https://cdn-ca.znila.com/prelanders/uk/amz/loyalty/img/clock.svg
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7080e089dab3a0ae988d8605e0228194997e26bbb43079ac5772315032c966a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 13:33:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"53e-5d215b98f4119"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
77c0e49d2c798c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
animated-loading.gif
cdn-ca.znila.com/assets/global/loading/
3 KB
3 KB
Image
General
Full URL
https://cdn-ca.znila.com/assets/global/loading/animated-loading.gif
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d1d94e30886b697e5ea71ac71e37c1dfd3d22a0f90a4dea73393dbfb273eae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 15:12:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"a18-5a4d3f6df20f7"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77c0e49ebb289dff-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2584
email-decode.min.js
trk-ca.znila.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://trk-ca.znila.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Dec 2022 12:21:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6399bfb7-4d7"
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
77c0e49d78ae9dff-EWR
expires
Wed, 21 Dec 2022 14:40:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 14:10:57 GMT
iframeResizer.contentWindow.min.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.8/
14 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.5.8/iframeResizer.contentWindow.min.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4773ada09d3d362bd0eda5e5d872e60ddbc5eeef5103b106c1f50476124f06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1027756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4554
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-367d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77c0e49e1c9c4bd1-YUL
expires
Sat, 09 Dec 2023 14:40:22 GMT
elephant.js
cdn-ca.znila.com/global-scripts/js/
10 KB
3 KB
Script
General
Full URL
https://cdn-ca.znila.com/global-scripts/js/elephant.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
35b3e07e7d00d7be7794c56684959aa66ea1ad5247a026972dae3a8504b05ac8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Dec 2022 14:40:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
77c0e49d7d0c8c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
manageCookies.js
cdn-ca.znila.com/global-scripts/js/
741 B
703 B
Script
General
Full URL
https://cdn-ca.znila.com/global-scripts/js/manageCookies.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290b1a4f50d2b5d32b9d8bcb6f8369e9bca2372da8604d320903ec8a9cdc058a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 03 Oct 2022 10:03:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e5-5ea1e75272a48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77c0e49d7d108c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
paypal_preload.js
cdn-ca.znila.com/global-scripts/js/paypal/
8 KB
2 KB
Script
General
Full URL
https://cdn-ca.znila.com/global-scripts/js/paypal/paypal_preload.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9df0a2c61415a01702002a96465311a15e60251f4409f1efad20a187059d2b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Dec 2022 13:46:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1f74-5efde1330cbf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77c0e49d7d148c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lazy_loader.js
cdn-ca.znila.com/global-scripts/js/function/
770 B
767 B
Script
General
Full URL
https://cdn-ca.znila.com/global-scripts/js/function/lazy_loader.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fda61b6fe4483c08c1f1d8f05876d6a2d96788104900b50fed574c37cf3652

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 23 Mar 2020 12:12:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"302-5a1848c071609"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77c0e49d7d158c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
stattag_v2.js
cdn-ca.znila.com/global-scripts/js/function/
821 B
695 B
Script
General
Full URL
https://cdn-ca.znila.com/global-scripts/js/function/stattag_v2.js
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94676b5f061ca6a21a44ee0c6e9b0fb6039fecfeb45ec70bcd534319ee9ea4b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 18 May 2022 13:18:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"335-5df4917a93041"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77c0e49d7d168c2f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk-ca.znila.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 11:10:29 GMT
x-content-type-options
nosniff
age
271793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 11:10:29 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trk-ca.znila.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 11:14:22 GMT
x-content-type-options
nosniff
age
271560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 11:14:22 GMT
/
trk.znila.com/api/logger/post_interaction/
0
0
Preflight
General
Full URL
https://trk.znila.com/api/logger/post_interaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:7f -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.znila.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c0e49ffb0e15d7-EWR
content-encoding
br
content-type
text/html
date
Mon, 19 Dec 2022 14:40:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApXnfI9VSXdw3LRn93UO1TgHDNA7ike7l2I3usx4n9oSWGa2GnmMlN6iyhwBvYpa7K%2F7NxhSZs3tVBw6juon57moj0O8PPghZXTNsdjFUgq6V6FPTLAzacUQIH6MwDc2MZ8HbYstsFn8cPA4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.znila.com/api/logger/post_interaction/
60 B
654 B
XHR
General
Full URL
https://trk.znila.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.znila.com
URL: https://cdn-ca.znila.com/global-scripts/js/elephant.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:7f -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
f370780a4bba23f402a935d2725dcab6b1a95e4de12d57b74aa1b39578d6b70a

Request headers

Referer
https://trk-ca.znila.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 19 Dec 2022 14:40:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcGqwt9N66Zfe4VCuiVVh%2BJQdUltatBh0eScmZywymEfwDgPn3AO%2BpKss%2FRW1%2BkCuZP1t98vaoFXuzogks86YVRcBRCWOBkWMUK%2FiI%2BPKh9y%2FMFdssKC1t9imB57mSPv5TSNyMAI7c3yJ%2Blo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
77c0e4a17a1ec475-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
trk.znila.com/api/logger/post_interaction/
60 B
682 B
XHR
General
Full URL
https://trk.znila.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.znila.com
URL: https://cdn-ca.znila.com/global-scripts/js/elephant.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:7f -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
b11bfa0a3b4fc535162b89de3732a69743bc8b729c2224625c0bff1abea90ccb

Request headers

Referer
https://trk-ca.znila.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 19 Dec 2022 14:40:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Pn2ynB5vpMOHpx7P0VsZZZhQ%2Btn5S3XvgpLolsze2FExwMh80C84CsX3ZI21NIzhXRT84lFn137qmtWYOqX2cTgo8rf%2BqkqQ57IAgprUInk8I2T0vV5vgBmwOyUoKhKBNHMOJ7cHpRivhpD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
77c0e4a17a06c475-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
rating.png
cdn-ca.znila.com/assets/CA/ContentBase/TH-Christmas-Lander-CA/img/
5 KB
6 KB
Image
General
Full URL
https://cdn-ca.znila.com/assets/CA/ContentBase/TH-Christmas-Lander-CA/img/rating.png
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf3c62d91707d3bb5e75e08a27fbacbb8771ca90ac50da8928d927402b998f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:23 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Nov 2022 12:45:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"148f-5ee873e67193b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOnDQH1hBNzHpHgVj1ljQsnbJRXG1qOE0Qzoay%2FWYznvToeY4lZJxPjSe6M3f2NLNwF6%2F%2BOWg%2BPt%2BBok6Zq0%2FNyc7Qd30HsjAFVR4dOrIgKZ6FSTHUd28E4w2A9LZeXmZcrS%2B7sOzbe6qT2p6CpH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77c0e49f7c679dff-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5263
desktop-img.png
cdn-ca.znila.com/assets/CA/ContentBase/TH-Christmas-Lander-CA/img/
217 KB
218 KB
Image
General
Full URL
https://cdn-ca.znila.com/assets/CA/ContentBase/TH-Christmas-Lander-CA/img/desktop-img.png
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3200207d7bbd0a4ab93f4e051ba93d9da3757ff9b06288953981615780fbe2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:23 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Nov 2022 12:45:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"36417-5ee873e646da4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvEKQmo3HTZ4mgo5xg6RyYaCV5wje9bC777XB3bpYWES3lMmpQq%2FOtSRlkk24JoPA1xVf%2BvFWdHR8M6dIXLP6JGR2%2FVn0p4ND4AG59q%2FFkR3CA3qlEt%2Bt3iTr8mLbuUIq7bguZBOuj2r8QK0VOTK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77c0e49f7c689dff-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
222231
poweredBy.png
cdn-ca.znila.com/assets/CA/ContentBase/TH-Christmas-Lander-CA/img/
6 KB
6 KB
Image
General
Full URL
https://cdn-ca.znila.com/assets/CA/ContentBase/TH-Christmas-Lander-CA/img/poweredBy.png
Requested by
Host: trk-ca.znila.com
URL: https://trk-ca.znila.com/loader_only.php?transaction_id=f25fe8c0b0ad4cb2b9341eef314c78e8&aff_id=1482&sl1=77d769e1-e58d-d385-1f5c-b88ea2e3a122&sl2=Yetprvz9&sl3=ZTcvQ1MF&sl4=qUjNxiIm&rc=R-CT-P-SC&pl=743210633&pc_session_id=sagemsbjijvm8m53inlhm2p9q1-52325&sid=sagemsbjijvm8m53inlhm2p9q1-52325&pc_synd_id=tim_cbs_ca_x1_sh383_pp_biz&partner=tim_cbs_ca_x1_sh383_pp_biz&prelander=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:96f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
978cca3cb41f552073f24add2674a6b734268d2d222d87c135a0e9b131aeaae8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://trk-ca.znila.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 14:40:23 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Nov 2022 12:45:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1668-5ee873e65e4a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Vnc7dxp3ILS9LroRsmfdfgY%2BAtO%2FOaKEtBcVlzx%2B1xM0jpwpQqnAOSqNRms%2Bm8RSi3RjOGv9FlcwM1UbO%2BPoBj7EDB4VJszJV4iJ1Z%2Bwuflz1ZdLbLhW0berQRiR4cEbyKBcY40dwSFMD1xxedY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77c0e49f7c699dff-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5736
/
trk.znila.com/api/logger/post_interaction/
0
0
Preflight
General
Full URL
https://trk.znila.com/api/logger/post_interaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:7f -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.znila.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c0e49ffb1115d7-EWR
content-encoding
br
content-type
text/html
date
Mon, 19 Dec 2022 14:40:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPCo7CwLQZjN7QWRUUaxSDju5xGxs8LjFntsQMaxSCwRkAIKzCJMjMDBXqn5p%2BeGkdQyrvOjveIejvfLAHt8SPPQ1M4o8xs0OAqwrBKQ35l5bm4vhKgOIF1PYPkIBqjTstqcEf0Jlj1zbcCk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.znila.com/api/logger/post_interaction/
0
0
Preflight
General
Full URL
https://trk.znila.com/api/logger/post_interaction/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:7f -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://trk-ca.znila.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET, POST, DELETE, UPDATE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c0e4a3df90c475-EWR
content-encoding
br
content-type
text/html
date
Mon, 19 Dec 2022 14:40:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o7kyB0gI2HlYbGHjZiRNkMDeKNVdJnOW2aYyBZOYRoZ70wvL7lmFJWnSOzB0Ysd304nztXqFDxaEQzI2v8fT5MA8jauxhhEPySLSpRhO8af3PiviYVxuraMvLQoECQ8VolRgwTo%2Fspa1Td4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
/
trk.znila.com/api/logger/post_interaction/
60 B
648 B
XHR
General
Full URL
https://trk.znila.com/api/logger/post_interaction/
Requested by
Host: cdn-ca.znila.com
URL: https://cdn-ca.znila.com/global-scripts/js/elephant.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:7f -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
ff87a0e64c0941d5a23ee6814c0e62237439cce14749b497fddc1bcf8ec2dfcd

Request headers

Referer
https://trk-ca.znila.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 19 Dec 2022 14:40:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.4.16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4caB4SzL44zGWIUJgY9ClLJgm%2F4Bo3Fmv8lUYgBhl1DdrCE6sXCRfFFcURMCO5vDYbfuQXHP%2FdmIkJYWlGLgtcEPS17CA6N3BB%2BfMCHBeh7qx4MTXg61tk6peQMrAv4fDF3khJbcOqKRw7S"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
77c0e4a48913c475-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

2 Cookies

Domain/Path Name / Value
trk.kryru.com/ Name: PHPSESSID
Value: d1rmlikqq22j12ptkg5otc8b62
trk-ca.znila.com/ Name: PHPSESSID
Value: sagemsbjijvm8m53inlhm2p9q1-52325

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
