o.canada.com Open in urlscan Pro
34.117.147.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://canada.com/
Effective URL:
https://o.canada.com/
Submission: On October 08 via api (October 8th 2025, 7:58:31 pm UTC) from CA — Scanned from DE

Summary HTTP 237 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 106 IPs in 9 countries across 70 domains to perform 237 HTTP transactions. The main IP is 34.117.147.204, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is o.canada.com.
TLS certificate: Issued by WR3 on August 14th 2025. Valid for: 3 months.

This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.111.67.160 34.111.67.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.117.147.204 34.117.147.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.149.157.221 34.149.157.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
19	34.117.54.29 34.117.54.29	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	18.239.70.135 18.239.70.135	16509 (AMAZON-02) (AMAZON-02)
1	23.67.132.201 23.67.132.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.239.83.50 18.239.83.50	16509 (AMAZON-02) (AMAZON-02)
2	104.26.1.62 104.26.1.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.58.95 13.35.58.95	16509 (AMAZON-02) (AMAZON-02)
1	104.21.66.34 104.21.66.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.37.167 34.120.37.167	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	18.244.18.27 18.244.18.27	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	104.18.5.235 104.18.5.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.107.6.158 13.107.6.158	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.243 172.64.152.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.105 3.160.150.105	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
5	178.250.1.12 178.250.1.12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	104.16.174.226 104.16.174.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.19.206.161 37.19.206.161	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
2	87.248.119.252 87.248.119.252	34010 (YAHOO-IRD...) (YAHOO-IRD Yahoo-UK Limited)
4	141.95.33.120 141.95.33.120	16276 (OVH OVH SAS) (OVH OVH SAS)
2	104.20.23.13 104.20.23.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.217.15.209 54.217.15.209	16509 (AMAZON-02) (AMAZON-02)
1	172.67.73.177 172.67.73.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.45.96.101 23.45.96.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.26.26 18.66.26.26	16509 (AMAZON-02) (AMAZON-02)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.174.46.124 3.174.46.124	16509 (AMAZON-02) (AMAZON-02)
1	3.232.126.205 3.232.126.205	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.27.70 13.32.27.70	16509 (AMAZON-02) (AMAZON-02)
2	13.33.186.215 13.33.186.215	16509 (AMAZON-02) (AMAZON-02)
1	34.213.159.49 34.213.159.49	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.13 104.18.35.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH OVH SAS) (OVH OVH SAS)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
16	54.216.131.59 54.216.131.59	16509 (AMAZON-02) (AMAZON-02)
1	34.36.209.34 34.36.209.34	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.38 178.250.1.38	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
7	18.185.116.170 18.185.116.170	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.156.138 69.173.156.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 7	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.253.211 35.186.253.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.36.115.242 54.36.115.242	16276 (OVH OVH SAS) (OVH OVH SAS)
1	162.19.138.118 162.19.138.118	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.145.78 135.125.145.78	16276 (OVH OVH SAS) (OVH OVH SAS)
2	51.195.73.74 51.195.73.74	16276 (OVH OVH SAS) (OVH OVH SAS)
2	51.195.115.36 51.195.115.36	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.73.113 51.195.73.113	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.126.30 51.195.126.30	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.220 51.195.34.220	16276 (OVH OVH SAS) (OVH OVH SAS)
4	51.195.73.82 51.195.73.82	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.140.162 135.125.140.162	16276 (OVH OVH SAS) (OVH OVH SAS)
2	135.125.146.86 135.125.146.86	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.255 51.195.34.255	16276 (OVH OVH SAS) (OVH OVH SAS)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
1	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
4	54.246.81.101 54.246.81.101	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
4	18.66.102.119 18.66.102.119	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	34.8.155.66 34.8.155.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	34.8.254.188 34.8.254.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	54.156.183.251 54.156.183.251	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.8.157 151.101.8.157	54113 (FASTLY) (FASTLY)
2	104.19.220.32 104.19.220.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
2	57.129.85.99 57.129.85.99	16276 (OVH OVH SAS) (OVH OVH SAS)
2	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	18.194.3.175 18.194.3.175	16509 (AMAZON-02) (AMAZON-02)
1	34.204.142.167 34.204.142.167	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.4.235 104.18.4.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.244.44 13.226.244.44	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.18.25.18 104.18.25.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	95.100.185.43 95.100.185.43	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.64.189.116 185.64.189.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
1 1	178.250.1.129 178.250.1.129	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
3	178.250.1.57 178.250.1.57	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1 1	46.228.164.11 46.228.164.11	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
1 2	98.82.156.107 98.82.156.107	14618 (AMAZON-AES) (AMAZON-AES)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.221.240 172.105.221.240	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	172.64.150.63 172.64.150.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.171.96.116 54.171.96.116	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2	54.203.221.146 54.203.221.146	16509 (AMAZON-02) (AMAZON-02)
237	106

1 34.111.67.160 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.67.111.34.bc.googleusercontent.com

canada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.147.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.147.117.34.bc.googleusercontent.com

o.canada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com

dcs-static.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fem.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.70.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-70-135.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.132.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-132-201.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-50.ams58.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.1.62 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

tags.qortex.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-95.fra60.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.66.34 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.37.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.37.120.34.bc.googleusercontent.com

kindhush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.244.18.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.5.235 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

auth.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com

edge-auth.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googlesync.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.243 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-105.fra60.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.12 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.174.226 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.19.206.161 (Ashburn, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-37-19-206-161.datapacket.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.252 (United Kingdom)

ASN34010 (YAHOO-IRD Yahoo-UK Limited, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.23.13 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.15.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-15-209.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.177 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

events.qortex.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.96.101 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-96-101.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.26.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-26-26.vie50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.174.46.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-174-46-124.fra60.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.126.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-126-205.compute-1.amazonaws.com

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.70 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.186.215 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-186-215.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.159.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-159-49.us-west-2.compute.amazonaws.com

pb-ing-postmedia.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com

23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.13 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu

api.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.122 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.216.131.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.209.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.209.36.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.38 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.185.116.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.156.138 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.27.193 (Ascension Island) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.115.242 (France)

ASN16276 (OVH OVH SAS, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.145.78 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip78.ip-135-125-145.eu

d0.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.73.74 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip74.ip-51-195-73.eu

d1.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d2.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.115.36 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip36.ip-51-195-115.eu

d3.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d6.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu

d4.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu

d5.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.220 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip220.ip-51-195-34.eu

d7.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.195.73.82 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-51-195-73.eu

d0.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d3.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d4.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d5.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.140.162 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip162.ip-135-125-140.eu

d1.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.146.86 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip86.ip-135-125-146.eu

d2.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d6.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.255 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip255.ip-51-195-34.eu

d7.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.246.81.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

postmedia.hub.loginradius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.102.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-119.fra56.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.8.155.66 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.155.8.34.bc.googleusercontent.com

postmedia.solutions.cdn.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.8.254.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.254.8.34.bc.googleusercontent.com

ca.edge.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.183.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-183-251.compute-1.amazonaws.com

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.8.157 (Brussels, Belgium)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.220.32 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.129.85.99 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy01.cl15.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.0.227 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.140.229 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.3.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-3-175.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.142.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-142-167.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.4.235 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

config.lrcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.244.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-244-44.fra56.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

postmedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.18 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.185.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-185-43.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.116 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ut.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.136.108 (Groningen, Netherlands) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.129 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.57 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)
PTR: presentation-ams1.turn.com

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.82.156.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-107.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.221.240 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.150.63 (Ascension Island) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.96.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-96-116.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.203.221.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-221-146.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	postmedia.digital smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 133792 dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 168223 fem.gprod.postmedia.digital — Cisco Umbrella Rank: 212293	353 KB
19	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 645 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2643 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 732	4 KB
10	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 516 grid-bidder.criteo.com — Cisco Umbrella Rank: 978 dis.criteo.com — Cisco Umbrella Rank: 840 ssp-sync.criteo.com — Cisco Umbrella Rank: 902	9 KB
8	eu-4-id5-sync.com d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 62531 d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 62559 d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 62616 d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 62416 d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 62643 d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 62446 d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 61972 d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 62462	1 KB
8	eu-3-id5-sync.com d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 62641 d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 62642 d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 62909 d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 62210 d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 62760 d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 62547 d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 62998 d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 62623	1 KB
8	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 408 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 771 aax.amazon-adsystem.com — Cisco Umbrella Rank: 535 s.amazon-adsystem.com — Cisco Umbrella Rank: 379	94 KB
8	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 263 cm.g.doubleclick.net — Cisco Umbrella Rank: 317	247 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 604 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 632 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 715	6 KB
7	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1186	827 B
7	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 519 cdn.id5-sync.com — Cisco Umbrella Rank: 799 api.id5-sync.com — Cisco Umbrella Rank: 1614	63 KB
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 8543 identity.mparticle.com — Cisco Umbrella Rank: 4027 jssdks.mparticle.com — Cisco Umbrella Rank: 7748	139 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	705 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 417 ep2.adtrafficquality.google — Cisco Umbrella Rank: 434	26 KB
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 2935 googlesync.permutive.com — Cisco Umbrella Rank: 14079	773 B
5	microsoft.com edge-auth.microsoft.com — Cisco Umbrella Rank: 30304	309 KB
4	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 9191	230 KB
4	loginradius.com postmedia.hub.loginradius.com — Cisco Umbrella Rank: 222250	1 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 591 ads.pubmatic.com — Cisco Umbrella Rank: 660 ut.pubmatic.com — Cisco Umbrella Rank: 1086	8 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 327 Failed acdn.adnxs.com — Cisco Umbrella Rank: 854 secure.adnxs.com Failed	19 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2513 launchpad.privacymanager.io — Cisco Umbrella Rank: 2056 geo.privacymanager.io — Cisco Umbrella Rank: 2039	42 KB
4	lrcontent.com auth.lrcontent.com — Cisco Umbrella Rank: 86887 config.lrcontent.com — Cisco Umbrella Rank: 36371	115 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 195	14 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 448	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 125	218 B
3	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 9220 i.viafoura.co — Cisco Umbrella Rank: 10020	3 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com	24 KB
3	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2674 tags.crwdcntrl.net — Cisco Umbrella Rank: 1129	14 KB
3	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1081 idsync.rlcdn.com — Cisco Umbrella Rank: 560 check.analytics.rlcdn.com — Cisco Umbrella Rank: 3491	985 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	405 KB
3	qortex.ai tags.qortex.ai — Cisco Umbrella Rank: 61778 events.qortex.ai — Cisco Umbrella Rank: 52500	18 KB
3	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 2943 fastlane.rubiconproject.com — Cisco Umbrella Rank: 612 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3254	300 KB
3	canada.com 1 redirects canada.com — Cisco Umbrella Rank: 805532 o.canada.com	59 KB
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 3213	375 B
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1436 s.tribalfusion.com — Cisco Umbrella Rank: 3318	1008 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 833 cdn.indexww.com — Cisco Umbrella Rank: 1872	2 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1188	1 KB
2	t.co t.co — Cisco Umbrella Rank: 1034	788 B
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 5739	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 4216 p1.parsely.com — Cisco Umbrella Rank: 2760	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 227	113 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 7584	55 KB
2	optable.co postmedia.solutions.cdn.optable.co — Cisco Umbrella Rank: 286618 ca.edge.optable.co — Cisco Umbrella Rank: 136887	10 KB
2	eu-1-id5-sync.com lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1225 lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 996	489 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 608 postmedia-d.openx.net — Cisco Umbrella Rank: 289313	686 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 4435	497 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1793	186 KB
2	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1406	201 B
2	permutive.app 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 220905 cdn.permutive.app — Cisco Umbrella Rank: 7928	162 KB
2	kindhush.com kindhush.com — Cisco Umbrella Rank: 218811	32 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 953	757 B
1	appier.net 1 redirects s.c.appier.net — Cisco Umbrella Rank: 3510	561 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 431	149 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 913	463 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3232
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1174	16 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1040	570 B
1	prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 292197	379 B
1	ccgateway.net pb-ing-postmedia.ccgateway.net — Cisco Umbrella Rank: 200521
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 15431
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 806	481 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1301	22 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 302	2 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 12664	3 KB
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 14249	40 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 4369	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
0	admanmedia.com Failed cs.admanmedia.com Failed
0	fullcontact.com Failed tags.fullcontact.com Failed
0	intentiq.com Failed api.intentiq.com Failed sync.intentiq.com Failed
237	70

	Domain	Requested by
16	c2shb.pubgw.yahoo.com	micro.rubiconproject.com
14	dcs-static.gprod.postmedia.digital	o.canada.com dcs-static.gprod.postmedia.digital
7	btlr.sharethrough.com	micro.rubiconproject.com
6	www.googletagmanager.com	fem.gprod.postmedia.digital jssdkcdns.mparticle.com www.googletagmanager.com
6	smartcdn.gprod.postmedia.digital	o.canada.com
5	cm.g.doubleclick.net	3 redirects ssum-sec.casalemedia.com
5	gum.criteo.com	micro.rubiconproject.com gum.criteo.com
5	edge-auth.microsoft.com	o.canada.com edge-auth.microsoft.com
5	fem.gprod.postmedia.digital	o.canada.com fem.gprod.postmedia.digital
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	cdn.viafoura.net	fem.gprod.postmedia.digital cdn.viafoura.net
4	postmedia.hub.loginradius.com	fem.gprod.postmedia.digital auth.lrcontent.com
4	id5-sync.com	micro.rubiconproject.com cdn.id5-sync.com
4	api.permutive.com	fem.gprod.postmedia.digital 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
4	sb.scorecardresearch.com	1 redirects o.canada.com fem.gprod.postmedia.digital
3	ssp-sync.criteo.com
3	x.bidswitch.net	3 redirects
3	www.facebook.com	connect.facebook.net
3	identity.mparticle.com	jssdkcdns.mparticle.com
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	ib.adnxs.com	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app micro.rubiconproject.com acdn.adnxs.com
3	c.amazon-adsystem.com	o.canada.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	o.canada.com securepubads.g.doubleclick.net
2	prod.tahoe-analytics.publishers.advertising.a2z.com	c.amazon-adsystem.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ut.pubmatic.com	ads.pubmatic.com
2	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
2	config.lrcontent.com	auth.lrcontent.com
2	analytics.twitter.com
2	t.co
2	events.newsroom.bi	sdk.mrf.io
2	jssdks.mparticle.com	jssdkcdns.mparticle.com
2	connect.facebook.net	o.canada.com connect.facebook.net
2	sdk.mrf.io	o.canada.com sdk.mrf.io
2	api.viafoura.co	cdn.viafoura.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	geo.privacymanager.io	launchpad.privacymanager.io
2	api.sail-personalize.com	ak.sail-horizon.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	cdn.confiant-integrations.net	o.canada.com cdn.confiant-integrations.net
2	id.crwdcntrl.net	micro.rubiconproject.com
2	cdn.id5-sync.com	micro.rubiconproject.com o.canada.com
2	ups.analytics.yahoo.com	micro.rubiconproject.com
2	lexicon.33across.com	micro.rubiconproject.com
2	auth.lrcontent.com	o.canada.com cdn.viafoura.net
2	fonts.gstatic.com	fonts.googleapis.com
2	kindhush.com	o.canada.com kindhush.com
2	tags.qortex.ai	o.canada.com tags.qortex.ai
2	o.canada.com	dcs-static.gprod.postmedia.digital
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	s.c.appier.net	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	dis.criteo.com	1 redirects
1	ads.pubmatic.com	micro.rubiconproject.com
1	acdn.adnxs.com	micro.rubiconproject.com
1	js-sec.indexww.com	micro.rubiconproject.com
1	postmedia-d.openx.net	micro.rubiconproject.com
1	www.gstatic.com	www.google.com
1	www.google.com	auth.lrcontent.com
1	check.analytics.rlcdn.com	micro.rubiconproject.com
1	i.viafoura.co	cdn.viafoura.net
1	prebid-a.rubiconproject.com	micro.rubiconproject.com
1	p1.parsely.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.parsely.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ca.edge.optable.co	postmedia.solutions.cdn.optable.co
1	jssdkcdns.mparticle.com	fem.gprod.postmedia.digital
1	postmedia.solutions.cdn.optable.co	fem.gprod.postmedia.digital
1	ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d7.eu-4-id5-sync.com	cdn.id5-sync.com
1	d6.eu-4-id5-sync.com	cdn.id5-sync.com
1	d5.eu-4-id5-sync.com	cdn.id5-sync.com
1	d4.eu-4-id5-sync.com	cdn.id5-sync.com
1	d3.eu-4-id5-sync.com	cdn.id5-sync.com
1	d2.eu-4-id5-sync.com	cdn.id5-sync.com
1	d1.eu-4-id5-sync.com	cdn.id5-sync.com
1	d0.eu-4-id5-sync.com	cdn.id5-sync.com
1	d7.eu-3-id5-sync.com	cdn.id5-sync.com
1	d6.eu-3-id5-sync.com	cdn.id5-sync.com
1	d5.eu-3-id5-sync.com	cdn.id5-sync.com
1	d4.eu-3-id5-sync.com	cdn.id5-sync.com
1	d3.eu-3-id5-sync.com	cdn.id5-sync.com
1	d2.eu-3-id5-sync.com	cdn.id5-sync.com
1	d1.eu-3-id5-sync.com	cdn.id5-sync.com
1	d0.eu-3-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	rtb.openx.net	micro.rubiconproject.com
1	htlb.casalemedia.com	micro.rubiconproject.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	grid-bidder.criteo.com	micro.rubiconproject.com
1	prebid.media.net	micro.rubiconproject.com
1	api.id5-sync.com	cdn.id5-sync.com
1	googlesync.permutive.com	o.canada.com
1	cdn.permutive.app	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1	pb-ing-postmedia.ccgateway.net	micro.rubiconproject.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	idsync.rlcdn.com	o.canada.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	static.adsafeprotected.com	o.canada.com
1	tags.crwdcntrl.net	o.canada.com
1	secure.cdn.fastclick.net	o.canada.com
1	events.qortex.ai	tags.qortex.ai
1	api.rlcdn.com	micro.rubiconproject.com
1	cdn.jsdelivr.net	micro.rubiconproject.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	launchpad-wrapper.privacymanager.io	fem.gprod.postmedia.digital
1	23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app	fem.gprod.postmedia.digital
1	www.npttech.com	o.canada.com
1	cdn-gateflipp.flippback.com	o.canada.com
1	ak.sail-horizon.com	o.canada.com
1	micro.rubiconproject.com	o.canada.com
1	fonts.googleapis.com	o.canada.com
1	canada.com	1 redirects
0	cs.admanmedia.com Failed
0	secure.adnxs.com Failed
0	tags.fullcontact.com Failed	fem.gprod.postmedia.digital
0	sync.intentiq.com Failed	o.canada.com
0	api.intentiq.com Failed	fem.gprod.postmedia.digital
237	128

This site contains links to these domains. Also see Links.

Domain
canoe.com
puzzmo.com
www.yourtraveldeals.ca
www.postmediasolutions.com
admanager.postmediasolutions.com
www.businesswire.com
www.globenewswire.com
m.cmpgn.page
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
info.postmediasolutions.com
adregistry.postmedia.com
www.postmedia.com

Subject Issuer	Validity	Valid
canada.com WR3	`2025-08-14` - `2025-11-12`	3 months	crt.sh
gprod.postmedia.digital WR3	`2025-08-22` - `2025-11-20`	3 months	crt.sh
upload.video.google.com WE2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-06` - `2026-04-03`	a year	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2024-12-12` - `2026-01-10`	a year	crt.sh
qortex.ai WE1	`2025-09-29` - `2025-12-28`	3 months	crt.sh
flippback.com Amazon RSA 2048 M04	`2025-07-19` - `2026-08-17`	a year	crt.sh
npttech.com WE1	`2025-10-07` - `2026-01-05`	3 months	crt.sh
kindhush.com E5	`2025-07-28` - `2025-10-26`	3 months	crt.sh
*.gstatic.com WE2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
lrcontent.com WE1	`2025-09-12` - `2025-12-11`	3 months	crt.sh
edge-auth.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2025-09-15` - `2026-03-14`	6 months	crt.sh
api.permutive.com R11	`2025-08-18` - `2025-11-16`	3 months	crt.sh
permutive.app WE1	`2025-09-16` - `2025-12-15`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M03	`2025-05-26` - `2026-06-23`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-12-22` - `2026-01-21`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-03` - `2025-12-06`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	a year	crt.sh
*.33across.com Sectigo Public Server Authentication CA DV R36	`2025-09-12` - `2026-09-30`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-09-29` - `2025-11-19`	2 months	crt.sh
id5-sync.com E8	`2025-09-01` - `2025-11-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-05`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M04	`2025-08-10` - `2026-09-08`	a year	crt.sh
secure.cdn.fastclick.net DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-06-08` - `2026-06-09`	a year	crt.sh
confiant-integrations.net WE1	`2025-08-29` - `2025-11-27`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M04	`2025-03-26` - `2026-04-25`	a year	crt.sh
flipp.com Amazon RSA 2048 M04	`2025-05-30` - `2026-06-27`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-11` - `2026-02-11`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2025-03-31` - `2026-04-29`	a year	crt.sh
ccgateway.net Amazon RSA 2048 M04	`2025-09-16` - `2026-10-15`	a year	crt.sh
*.prmutv.co E6	`2025-07-28` - `2025-10-26`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M03	`2025-02-22` - `2026-03-23`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-07-01` - `2025-12-24`	6 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-10` - `2026-04-30`	a year	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-07-17` - `2026-08-17`	a year	crt.sh
*.adnxs.com GeoTrust TLS ECC CA G1	`2025-09-25` - `2026-10-26`	a year	crt.sh
casalemedia.com E8	`2025-10-02` - `2025-12-31`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2025-08-12` - `2026-08-19`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
eu-1-id5-sync.com R13	`2025-09-01` - `2025-11-30`	3 months	crt.sh
eu-3-id5-sync.com E7	`2025-09-01` - `2025-11-30`	3 months	crt.sh
eu-4-id5-sync.com E8	`2025-09-01` - `2025-11-30`	3 months	crt.sh
adtrafficquality.google WE2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
*.loginradius.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-08-28` - `2025-12-13`	4 months	crt.sh
viafoura.com Amazon RSA 2048 M03	`2025-06-24` - `2026-07-23`	a year	crt.sh
*.google-analytics.com WE2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
postmedia.solutions.cdn.optable.co WR3	`2025-10-03` - `2026-01-01`	3 months	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2025-05-03` - `2026-06-04`	a year	crt.sh
ca.edge.optable.co WR3	`2025-08-24` - `2025-11-22`	3 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2025-05-08` - `2026-06-09`	a year	crt.sh
ads-twitter.com R11	`2025-08-04` - `2025-11-02`	3 months	crt.sh
sdk.mrf.io WE1	`2025-09-09` - `2025-12-08`	3 months	crt.sh
*.facebook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-07-18` - `2025-10-16`	3 months	crt.sh
parsely.com E5	`2025-08-10` - `2025-11-08`	3 months	crt.sh
jssdks.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-09-15` - `2025-10-17`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M04	`2025-09-09` - `2026-10-08`	a year	crt.sh
ssl03.cert.cl15.k8s.mrf.io E7	`2025-10-07` - `2026-01-05`	3 months	crt.sh
t.co E7	`2025-09-17` - `2025-12-16`	3 months	crt.sh
twitter.com E6	`2025-08-19` - `2025-11-17`	3 months	crt.sh
viafoura.co Amazon RSA 2048 M04	`2025-09-23` - `2026-10-22`	a year	crt.sh
*.analytics.rlcdn.com Amazon RSA 2048 M03	`2025-03-10` - `2026-04-08`	a year	crt.sh
*.google.com WE2	`2025-09-22` - `2025-12-15`	3 months	crt.sh
indexww.com WE1	`2025-09-21` - `2025-12-20`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2025-04-28` - `2026-05-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M02	`2024-12-23` - `2026-01-22`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://o.canada.com/
Frame ID: E1C5F748D12E34AC49105275201527E4
Requests: 187 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v133.0/xd.html
Frame ID: 8F5835EDE94ACEA9F43F9F0BE3A1E90A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.permutive.app/topics.html
Frame ID: AE47218B217B2A4B7377AA7F6D03AC2E
Requests: 1 HTTP requests in this frame

Frame: blob://https://o.canada.com/99adfa39-a21f-41a8-bd6d-ca9ffea7c1a1
Frame ID: 1607ABC82D59F28B86D47688830D52C4
Requests: 1 HTTP requests in this frame

Frame: https://ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 4218E684429387BF7F79A70E0979D65A
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: C3AF9628D17C95ECA0B31D927BA172AD
Requests: 3 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=44688480-88c5-41fa-af27-52ea512d96c7&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: DDFC6B54408F026F2E7DD5A117F6D0D6
Requests: 4 HTTP requests in this frame

Frame: https://postmedia-d.openx.net/w/1.0/pd
Frame ID: 142F6CDA96498E761AFB126F2FEAB4EC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 34B0DD77A30DB9415BED19B63A2C79B8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9BA8ECC50682AD1F01A4358EDA9BC113
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=o.canada.com&gpp=
Frame ID: 9C2DAEE73BAF03C4ACD8507E6B8BF369
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 75F54FC8DBD2E735753A259B88E96885
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 958B02E6C637170BBF2204CA5323A4B0
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada.Com | Homepage | Canada.Com

Page URL History Show full URLs

http://canada.com/ HTTP 307
https://canada.com/ HTTP 301
https://o.canada.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

237
Requests

92 %
HTTPS

0 %
IPv6

70
Domains

128
Subdomains

106
IPs

9
Countries

3930 kB
Transfer

13211 kB
Size

65
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://canoe.com/deals/best-amazon-prime-day-deals-in-canada-october-2025?itm_source=index
Title: Amazon Prime Day is here: Shop deals curated by our Canoe Shopping Essentials team. Save now >> Amazon Prime Day is here: Shop deals curated by our Canoe Shopping Essentials team. Save now >>

Search URL Search Domain Scan URL

URL: http://puzzmo.com/+/canada/
Title: Puzzmo

Search URL Search Domain Scan URL

URL: https://www.yourtraveldeals.ca/canadacom/
Title: Travel Deals

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/contact-us/
Title: Advertising With Us

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/
Title: Advertising Solutions

Search URL Search Domain Scan URL

URL: https://admanager.postmediasolutions.com/
Title: Postmedia Ad Manager

Search URL Search Domain Scan URL

URL: https://www.postmediasolutions.com/partnerships/
Title: Sponsorship Requests

Search URL Search Domain Scan URL

URL: https://www.businesswire.com/
Title: Promoted By Business Wire

Search URL Search Domain Scan URL

URL: https://www.globenewswire.com/
Title: Promoted By GlobeNewswire

Search URL Search Domain Scan URL

URL: https://m.cmpgn.page/tM2B2W?utm_source=contests
Title: Simons Contest

Search URL Search Domain Scan URL

URL: https://m.cmpgn.page/NWBwPp?utm_source=contests
Title: CLOSED - Ottawa Fall Home Show Contest (Contest open in Ontario only)

Search URL Search Domain Scan URL

URL: https://m.cmpgn.page/qLwWrN?utm_source=contests
Title: CLOSED - Cinefest Sudbury Contest 2025 (Contest open in Ontario only)

Search URL Search Domain Scan URL

URL: https://m.cmpgn.page/GjZNjs?utm_source=contests
Title: CLOSED - Cirque du Soleil ECHO Calgary Contest (Contest open in Alberta only)

Search URL Search Domain Scan URL

URL: https://m.cmpgn.page/VC1fC4?utm_source=contests
Title: CLOSED - 2025 CPKC Women's Open Contest (Contest open in Ontario only)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/canada.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/CanadaDotCom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/canadacomvideo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/canadadotcom/

Search URL Search Domain Scan URL

URL: https://info.postmediasolutions.com/en-ca/ad-manager-lp
Title: Postmedia Ad Manager

Search URL Search Domain Scan URL

URL: https://adregistry.postmedia.com/
Title: Digital Ad Registry

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.postmedia.com/brands

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://canada.com/ HTTP 307
https://canada.com/ HTTP 301
https://o.canada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0&google_tc= HTTP 302
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPRqQdt1umRLIW9FuTpRYzs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0&google_cver=1

Request Chain 216

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 219

https://x.bidswitch.net/sync?ssp=criteo&custom_data=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-UqVjaCwGF1CC1p49PNmhNTlJDn2v7PajwgqmqA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-UqVjaCwGF1CC1p49PNmhNTlJDn2v7PajwgqmqA HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-lYOXiiwGF1CC1p49PNmhNTlJDn2Zn0Bcy7rPaQ&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&u=23098e56-89ce-4c17-9ce0-6446f79abb32

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-UqVjaCwGF1CC1p49PNmhNTlJDn2v7PajwgqmqA&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dTjOwCl85aUElMkZxQ0wlMkJ0WFlBcnA1WjJvbEhkZG1vYlkzbTdEZGNPN3RUNTRZeTgwOCUzRA%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/match?p=TjOwCl85aUElMkZxQ0wlMkJ0WFlBcnA1WjJvbEhkZG1vYlkzbTdEZGNPN3RUNTRZeTgwOCUzRA&u=CAESEN1H4Lw7HOvhQwlFfNOg7JY&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 222

https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=8695803734065763831

Request Chain 224

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 226

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aObCbLmqPEEADitDAacRjQAA

Request Chain 228

https://s.c.appier.net/index?userId=aObCbLmqPEEADitDAacRjQAA%261134&gdpr=&us_privacy= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=j2fUb_fyCTqObM9HbcLmaA&gdpr=1

Request Chain 229

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aObCbLmqPEEADitDAacRjQAA HTTP 302
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aObCbLmqPEEADitDAacRjQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662113339284364

Request Chain 231

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433839956464277

237 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
o.canada.com/
Redirect Chain

http://canada.com/
https://canada.com/
https://o.canada.com/

320 KB
58 KB

162ms
100ms

Document
text/html

34.117.147.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://o.canada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

204.147.117.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

636c43233b344b42e915c971055a64f2e89e4f7022c6762ad8f2d99f10e4bace

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=180
content-encoding: gzip
content-language: en
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Oct 2025 19:58:31 GMT
expires: Wed, 08 Oct 2025 20:01:37 GMT
last-modified: Wed, 08 Oct 2025 19:57:36 GMT
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Accept-Language
via: 1.1 google
x-content-type-options: nosniff
x-dcs-cache-page: HIT
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
x-pmd-backend: pmd-nginx-proxy-6978cb7d6c-hnjsn
x-pmd-cache: HIT

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 08 Oct 2025 19:58:31 GMT
location: https://o.canada.com/

GET
H2 200 1011-trav-briefs-play1_299154345.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/ 17 KB
17 KB 84ms
18ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/1011-trav-briefs-play1_299154345.jpg?quality=90&strip=all&w=466&type=webp&sig=99N2Hon52cbmNwc_Gubkog
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: e2dba5995e2bcb1ed8a98520648b723dd736a9583b568474c8ea342e4e986f9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=31536000,public
etag: "ac9c93acd60a164924eb004d03ce89ef3588937a"
age: 103758
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-5bf4b87ddd-cs2sr
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17572
date: Tue, 07 Oct 2025 15:09:13 GMT
content-type: image/webp
x-pmd-smartcdn-requester: ocanada
server: nginx/1.18.0
vary: Accept

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 55ms
21ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

9229b0a910b02f462b162a168565bb680ce91c7f02f1463ca4763a470c831ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 19:58:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 08 Oct 2025 19:58:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 layout.min.css
dcs-static.gprod.postmedia.digital/19.7.1/websites/css/ 29 KB
3 KB 60ms
17ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/css/layout.min.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=0StZFg==, md5=t6ZH0zqUL2aqGsE5kjZ0Bw==
content-encoding: br
etag: W/"b7a647d33a942f66aa1ac13992367407"
age: 96098
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 29822
date: Tue, 07 Oct 2025 17:16:53 GMT
last-modified: Tue, 07 Oct 2025 17:04:51 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3IvvuQuSK43JgWt036Q6f9qsXBHtjTQy1ncKIlM5bsRFmmC0gzqK6rdKaIdlxSRgcSzXv8unA
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856691541414
content-length: 2526
server: UploadServer

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 111 KB
34 KB 47ms
25ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1502275829adac52e8f43d7737a4d1af032707b18658c07443e9e849f5fe1a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
etag: 766 / 20369 / m202510020101 / config-hash: 13278519513086609008
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 19:58:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34631
x-xss-protection: 0
server: cafe

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 337 KB
85 KB 81ms
30ms Script
application/javascript 18.239.70.135
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-135.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97be8d3b3ffb588831c194a84cb32d6fd5bdedd8291bf349f1a1876c96fe3a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"2de2754460e9041366d32cb94768de0c"
age: 16
via: 1.1 e4a99a83f5512cdd81d7e04f709bb800.cloudfront.net (CloudFront), 1.1 6099a68d04a7ee2150888338bfdc451a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: FnkNgUyRnMqZv8MTqoiYEN-Vcfh1-67hSzfqzTvBKEaIs5EPKtGcuw==
date: Wed, 08 Oct 2025 19:58:16 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P14, AMS58-P4
server: AmazonS3
last-modified: Fri, 26 Sep 2025 20:53:06 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 14648.js Show response
micro.rubiconproject.com/prebid/dynamic/ 2 MB
300 KB 51ms
10ms Script
text/javascript 23.67.132.201
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.132.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-132-201.deploy.static.akamaitechnologies.com
Software: Apache/2.4.65 (Debian) PHP/8.3.24 OpenSSL/3.5.1 /
Resource Hash: fe2c5fa31ee50bd9fcc220cf5aee32afec3fbaa71deb48bf5d54a067722a9724

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

edge-cache-tag: prod-prebid-14648_postmedia_pbjs.js
cache-control: public, must-revalidate, max-age=14400
content-encoding: gzip
expires: Thu, 09 Oct 2025 19:49:53 GMT
content-length: 306755
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding, referer
server: Apache/2.4.65 (Debian) PHP/8.3.24 OpenSSL/3.5.1

GET
H2 200 styles-canada-global.min.css
dcs-static.gprod.postmedia.digital/19.7.1/websites/css/ 104 KB
17 KB 52ms
10ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/css/styles-canada-global.min.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dad9d17ba5045075acba2a971e8e58f03cfca04f3610439ae5c9f284c72269b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419262
x-goog-hash: crc32c=iJeEBA==, md5=77YQCn3i+bbwv68JhJaWmA==
content-encoding: br
etag: W/"efb6100a7de2f9b6f0bfaf0984969698"
age: 95912
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 106372
date: Tue, 07 Oct 2025 17:19:59 GMT
last-modified: Tue, 07 Oct 2025 17:04:55 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3ILfp2gYuZdydSnaqCWiyRvNhr8EELaaoHsElfrUx5Bm3zFc38KPTjdGT3rdXfqr1zqH6J75w
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856695466948
content-length: 16932
server: UploadServer

GET
H2 200 styles-canada-global-ugc.min.css
dcs-static.gprod.postmedia.digital/19.7.1/websites/css/ 72 KB
8 KB 56ms
14ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/css/styles-canada-global-ugc.min.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ed551decb01886f399d177154bdf8271dc4f6c81d4e26db991d14f0b76679384

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=04LFng==, md5=cGLLp/RgKnfppTdmuyVpPQ==
content-encoding: br
etag: W/"7062cba7f4602a77e9a53766bb25693d"
age: 95912
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 73315
date: Tue, 07 Oct 2025 17:19:59 GMT
last-modified: Tue, 07 Oct 2025 17:04:55 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3InQouuAnPaT870KvTp-A5I45hTr6aHjSIsNZbkeA1Bs2825Em0aRhJeEfkYsxA478AfP6XSQ
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856695364368
content-length: 8436
server: UploadServer

GET
H2 200 styles-canada-category.min.css
dcs-static.gprod.postmedia.digital/19.7.1/websites/css/ 50 KB
8 KB 60ms
18ms Stylesheet
text/css 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/css/styles-canada-category.min.css
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3d1b3c979e3d60c0bc8340fcdcb986e8545b42897052bde1478738d2673fa933

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=Fk2etQ==, md5=S2noGo4pUUoNQ6Rmv8sVBA==
content-encoding: br
etag: W/"4b69e81a8e29514a0d43a466bfcb1504"
age: 90164
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 50719
date: Tue, 07 Oct 2025 18:55:47 GMT
last-modified: Tue, 07 Oct 2025 17:04:54 GMT
content-type: text/css
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3LXVC62bd9BYjCGr0Cgo9_yMNIGgTgRzlAyaBdhl75JZ-0-P-YNU_qrK-UsVh0vA4Yhi5eh5w
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856694671712
content-length: 7495
server: UploadServer

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 140 KB
48 KB 95ms
29ms Script
application/javascript 18.239.83.50
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-50.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c67261a56a786f80d830f7ec7073ebda19fa2802b42ccacc76c0db41b7b8a5d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600; must-revalidate
content-encoding: gzip
etag: W/"98e8aa5f59df37a1504d1f5adf8de49c"
age: 567
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: zt2fY9ok5GpUEKrjgHBSMGNCwOPle8kMx-vzHKixp7URqWj_KCukkw==
date: Wed, 08 Oct 2025 19:49:04 GMT
content-type: application/javascript
last-modified: Mon, 22 Sep 2025 06:44:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
x-amz-server-side-encryption: AES256

GET
H2 200 fem.js Show response
fem.gprod.postmedia.digital/v133.0/ 367 KB
87 KB 75ms
10ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4f08cb1c9bf79001e26e7305760c1d8bcaec6a1fa017e52954f1e75c64618e60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://o.canada.com
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759243739
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=XntA3w==, md5=yQm/UvXpl8Z8miQms5wLkg==
content-encoding: br
etag: W/"c909bf52f5e997c67c9a2426b39c0b92"
age: 96020
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 375739
date: Tue, 07 Oct 2025 17:18:11 GMT
last-modified: Tue, 30 Sep 2025 14:49:17 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3JXayY2367Zi_i4KdjnCsRcRg2MwJhTUka17ZoepzvwHyuGHtzdOTiwp6JX183qmCcBW-nIDQI
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759243757321445
content-length: 88314
server: UploadServer

GET
H2 200 bootstrapper Show response
tags.qortex.ai/ 28 KB
6 KB 232ms
198ms Script
application/javascript 104.26.1.62
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tags.qortex.ai/bootstrapper?group-id=joyykuFZyk6CDVfLK3jjIg&video-container=jw-qortex-target|cnx-main-container&continuous-load=true
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.62 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0d6133b474f8da38d343f9bc474ae59a4f6332fc2b44bd4d0855e9b8f632ee0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"3d0855778743dde19f81c96a2e605b47802829ce"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UStI5Ygznz%2BdgTMrAxD9k8bcsF9sos6UJBbMB%2BcGjeSFsO4Kcy0Stt6QoAq9uGXnwd3W%2Bzq3xC%2F%2F%2BeExwyfSYEClLPm72OXneh2CGM0%3D"}]}
cf-ray: 98b836a95de4dc78-FRA
access-control-allow-origin: *
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 14 Jul 2025 14:26:07 GMT
server: cloudflare
x-powered-by: Express

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 112 KB
40 KB 146ms
110ms Script
application/javascript 13.35.58.95
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-95.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: d6b2a6cdfdba06b1fa5e65821f4d16a80e892a357fd0cee8f06761639e56e6a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: no-store
content-encoding: gzip
x-envoy-upstream-service-time: 4
via: 1.1 172c1df55a41f1a1b144f3711399cfc4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 4o0EL5aD8mpo7Mv22L0iFtiBqBZJpXa6exR1BZPFWvFljU_QryNw0Q==
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: application/javascript
vary: Origin,Origin, Accept-Encoding
server: envoy
x-amz-cf-pop: FRA60-P10

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 37ms
16ms Script
application/javascript 104.21.66.34
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.66.34 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
age: 2162
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DhutLqk%2FHFbpWbIWVBqzTx0DJZkrCp%2Fe93m0TuePoVSBrmXJE6mtTxeAfD479Ds7AFjwT%2F9yBzTy8shLcPY2HygGZPS%2FWU0IiVkjyroTFA%3D%3D"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 08 Oct 2025 19:58:31 GMT
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
vary: accept-encoding
content-type: application/javascript
priority: u=3,i=?0
x-amz-id-2: e689iz1GnSzXiaqhXhd1Na2WxlUCxFHZHPOW6dafohu7Jhi4k58ui7VRriFfaMz8qOhvA4fSucQ=
cache-control: max-age=28800
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-amz-request-id: 34YH43DMYXR70290
cf-ray: 98b836a939e218f9-FRA
server: cloudflare

GET
H2 200 1011-trav-briefs-bolzano1_299154425.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/ 34 KB
34 KB 63ms
9ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/1011-trav-briefs-bolzano1_299154425.jpg?quality=90&strip=all&w=344&type=webp&sig=x4DuOEgIAOf1Xnh1Bg3Ffw
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 78f788cdce2225e74b639d1d4c338cb6abd5e655f4e4de70905d0bc5f550ec6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=31536000,public
etag: "248f0a2bb4c029390743f48e927109c6963a6f49"
age: 100081
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-5bf4b87ddd-knqkk
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35034
date: Tue, 07 Oct 2025 16:10:30 GMT
content-type: image/webp
x-pmd-smartcdn-requester: ocanada
server: nginx/1.18.0
vary: Accept

GET
H2 200 jaimie-harmsen-8d9jdqyGaQA-unsplash-5.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/ 17 KB
17 KB 75ms
21ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/jaimie-harmsen-8d9jdqyGaQA-unsplash-5.jpg?quality=90&strip=all&w=344&type=webp&sig=0YO6CMdLXSns5T-tRYRKjA
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 1ce1d60a93b09bbc378f0db12c45d555bfacdda5be756b0db039c582944b5ab9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=31536000,public
etag: "e437f9b2d4e1211bdbbe9656d13706c1a6abc7b3"
age: 447984
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-5bf4b87ddd-wc29g
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17524
date: Fri, 03 Oct 2025 15:32:07 GMT
content-type: image/webp
x-pmd-smartcdn-requester: ocanada
server: nginx/1.18.0
vary: Accept

GET
H2 200 dsc01434_298645449.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/ 25 KB
25 KB 23ms
21ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/10/dsc01434_298645449.jpg?quality=90&strip=all&w=344&type=webp&sig=uymWpr_tYd7RcQfju6z5jg
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: d2f0a269066ec842ad597cfa0bc720df35639b3926388fe7401db2bb04609185

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=31536000,public
etag: "f93c6459fdd40f12968e9c2922fc894d53e88db0"
age: 256662
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-5bf4b87ddd-wc29g
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25976
date: Sun, 05 Oct 2025 20:40:49 GMT
content-type: image/webp
x-pmd-smartcdn-requester: ocanada
server: nginx/1.18.0
vary: Accept

GET
H2 200 Marriott_International_Luminara.jpg
smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/09/ 38 KB
39 KB 18ms
17ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ocanada/wp-content/uploads/2025/09/Marriott_International_Luminara.jpg?quality=90&strip=all&w=344&type=webp&sig=g3y27K9Cu-TYHFzKn7mrJw
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: fa13d78ecbc3d2113df6d6f0e5d0a2fb0bdb2feeba236a3cf34c099a5b4122ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=31536000,public
etag: "ba9ffc6281cc10786beedc806b26eb2756cd26c9"
age: 200222
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-5bf4b87ddd-gkhck
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39312
date: Mon, 06 Oct 2025 12:21:29 GMT
content-type: image/webp
x-pmd-smartcdn-requester: ocanada
server: nginx/1.18.0
vary: Accept

GET
H2 200 b43ftj.min.js Show response
kindhush.com/static/h5brpd/ 92 KB
32 KB 80ms
30ms Script
text/javascript 34.120.37.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://kindhush.com/static/h5brpd/b43ftj.min.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.37.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

167.37.120.34.bc.googleusercontent.com

Software

hoothoot/2057348350 /

Resource Hash

d7ad1737cc10e06d2df8f0f14367e5977499532f167a93bf2c062b0356337181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
content-encoding: zstd
etag: W/"9eda70f12fe00fd01044c59b8915b06dbca8b8c8760811ed601a623c202dd234"
via: fen-hoothoot-europe-west1-ffgg.gce-europe-west1, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Language
server: hoothoot/2057348350

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10276888/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

21 KB
7 KB

32ms
32ms

Script
text/javascript

18.244.18.27
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"3f6dea365716e8ba82711013483c4d83"
age: 67098
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: CLTkkc02-ezeQibXnxGjNCLFPtyZiCVoDJEbEKAu42KujPsCRCqynQ==
date: Wed, 08 Oct 2025 01:20:15 GMT
content-type: text/javascript
last-modified: Mon, 08 Sep 2025 12:31:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/default/beacon.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: ten-1XotnPUkW_VSrQ1TilVLAThxha1Kx4KCUE4a4kgmv6yWsnCZoQ==
date: Wed, 08 Oct 2025 19:58:31 GMT
x-amz-cf-pop: FRA56-P11

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v49/ 39 KB
39 KB 23ms
7ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://o.canada.com
Referer: https://fonts.googleapis.com/

Response headers

age: 129834
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 07 Oct 2026 07:54:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Oct 2025 07:54:37 GMT
last-modified: Mon, 08 Sep 2025 18:08:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

GET
H3 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v31/ 21 KB
21 KB 26ms
10ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v31/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

ab74f0c2d7ec37e44e017b9586675dd00c519591207dc3bbc8e003c5628dc9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://o.canada.com
Referer: https://fonts.googleapis.com/

Response headers

age: 129760
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 07 Oct 2026 07:55:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Oct 2025 07:55:51 GMT
last-modified: Wed, 10 Sep 2025 16:49:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21128
x-xss-protection: 0
server: sffe

GET
H2 200 icon-fire.svg
dcs-static.gprod.postmedia.digital/19.7.1/websites/images/common-icon/ 835 B
1 KB 11ms
8ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/images/common-icon/icon-fire.svg
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/css/styles-canada-global-ugc.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/css/styles-canada-global-ugc.min.css

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419260
x-goog-hash: crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
etag: "9c6e99306a671d196d8945273b28bfe8"
age: 96097
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 835
date: Tue, 07 Oct 2025 17:16:54 GMT
last-modified: Tue, 07 Oct 2025 17:05:30 GMT
content-type: image/svg+xml
x-guploader-uploadid: AAwnv3KKdNORNgQw35cPy7x8yJZGYm2IkE7Hij-PJ0mOZCK5Q_pTfNYebeaHGwvXKK0UwNXRPASqJQ
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1759856730237203
content-length: 835
server: UploadServer

GET
DATA 200
OK truncated
/ 2 B
2 B Image
text/plain

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 icon-vs-travelTime.svg
dcs-static.gprod.postmedia.digital/19.7.1/websites/images/newsletters/ 22 KB
10 KB 10ms
10ms Image
image/svg+xml 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/images/newsletters/icon-vs-travelTime.svg
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6ae73c7e328e26cea91aa7aa306b5f191a68a11daa2f7cf8ad76b37c590b4f15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419260
x-goog-hash: crc32c=s2sorA==, md5=mPaU3r6+zQiynTYNjzIaaQ==
content-encoding: br
etag: W/"98f694debebecd08b29d360d8f321a69"
age: 91339
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22951
date: Tue, 07 Oct 2025 18:36:12 GMT
last-modified: Tue, 07 Oct 2025 17:05:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3INZXsDkCfZIQ1lv9pn90pwPFUw3kdGIhVjSG9iw_1kzDKZNTrwXebLEqEMan0NeUZZvwFdog
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856746393224
content-length: 9627
server: UploadServer

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/js/ 245 KB
57 KB 57ms
22ms Script
text/javascript 104.18.5.235
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://auth.lrcontent.com/v2/js/LoginRadiusV2.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.235 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0757d71db4878b3901dadb04fc5cfc53b8e991ef868751795a048b17ea5164

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: hM_dFG_KVQh5JCEXbvPhZcNO445O.qug
etag: W/"8b21ac44d5cc654e0e799a9870a9f65e"
age: 282
expires: Wed, 08 Oct 2025 23:58:31 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1IhJgF15ty_-EjvzcHQ8LV9mGHrdFWrKenDNINvaeuxvxDNUVoyE5g==
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: text/javascript
last-modified: Tue, 16 Sep 2025 07:43:42 GMT
vary: Origin, Accept-Encoding
strict-transport-security: max-age= 63072000; includeSubdomains; preload
cache-control: public, max-age=14400
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
cf-ray: 98b836a98c0e4dbb-FRA
x-amz-cf-pop: OSL50-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ms_auth_client.min.js Show response
edge-auth.microsoft.com/js/ 280 KB
281 KB 153ms
41ms Script
text/javascript 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://edge-auth.microsoft.com/js/ms_auth_client.min.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-UoP57LkoLzjz3VFKC8TUViHoOFDpVEboMhyyiCHE6CE6hLF/FUIogioth6O9t5iGEr3rtuPruXF7PzgoaXhN4Ayi4EmxnSdtet17y/qL6P91JW4U8DVPMyVzRV413BiWRMVtMBg+SfSO3lQeNiBGep8QwKkWRO8HWL1jSaKCqbc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-security-policy: script-src 'strict-dynamic' 'nonce-UoP57LkoLzjz3VFKC8TUViHoOFDpVEboMhyyiCHE6CE6hLF/FUIogioth6O9t5iGEr3rtuPruXF7PzgoaXhN4Ayi4EmxnSdtet17y/qL6P91JW4U8DVPMyVzRV413BiWRMVtMBg+SfSO3lQeNiBGep8QwKkWRO8HWL1jSaKCqbc=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: "1db3b81182960c4"
x-msedge-ref: Ref A: 06FF39FE3F024543AC4BB62B60C5BF05 Ref B: AMS04EDGE1415 Ref C: 2025-10-08T19:58:32Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 286660
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: text/javascript
last-modified: Wed, 20 Nov 2024 19:19:18 GMT

GET
H2 200 main.min.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 41 KB
13 KB 9ms
9ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 599177c22dba99aab1ecce3a2897835a2e6a993b104ebc04f3c1a4e3c663be4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=Wn0AuA==, md5=U2XwYuzbnNgzIk7LD6O+dw==
content-encoding: br
etag: W/"5365f062ecdb9cd833224ecb0fa3be77"
age: 96165
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 41736
date: Tue, 07 Oct 2025 17:15:46 GMT
last-modified: Tue, 07 Oct 2025 17:05:54 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3IQxXYufaOo_IE77rvWXbnFI8W-C1W_HFwBVlLkGSsN6LtEqivSw7HP7KV86BI4sis2
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856754588701
content-length: 13515
server: UploadServer

GET
H2 200 xd.html Show response
fem.gprod.postmedia.digital/v133.0/ Frame 8F58 166 B
671 B 40ms
12ms Document
text/html 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://fem.gprod.postmedia.digital/v133.0/xd.html
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d88ed294bb7bc1856e1efcb2b8c1e5d1d0dce22371e91ba086bbb0b74df0f772

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 96078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31622400
content-length: 166
content-type: text/html
date: Tue, 07 Oct 2025 17:17:13 GMT
etag: "43dc2b3dbc4cf8dd6e1a46cc8690ce0e"
last-modified: Tue, 30 Sep 2025 14:49:18 GMT
server: UploadServer
x-cache-hit: hit
x-goog-generation: 1759243758095224
x-goog-hash: crc32c=1ui0Kw== md5=Q9wrPbxM+N1uGkbMhpDODg==
x-goog-meta-goog-reserved-file-mtime: 1759243739
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 166
x-guploader-uploadid: AAwnv3Lr7W6Ex3ssJJqReB_bShS7ReTxtmctz8SuMLuEsPbK-yGn0M2Yz5q5laxXfPi10SOXQWISy8k

POST
H2 200 segment Show response
api.permutive.com/ctx/v1/ 180 B
300 B 92ms
59ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.permutive.com/ctx/v1/segment?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: d0416fa64f7e54da9b7cab5337e0f407b7686362f6c8d502ad5e76b5f7ea2eba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://o.canada.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: application/json

GET
H2 200 23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 662 KB
162 KB 60ms
26ms Script
application/javascript 172.64.152.243
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.243 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 796a30f5020e6e118d1812f3d81aa5ca6d83825934813fac9a985eeef81ec466

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
content-encoding: br
x-goog-hash: crc32c=DO6drA==, md5=gZwOptmGeJthk7tcdaj7qg==
etag: "819c0ea6d986789b6193bb5c75a8fbaa"
x-goog-meta-oid: 23dc09d6-b664-425a-a76e-0eed6a6cc102
cf-cache-status: HIT
age: 0
x-goog-stored-content-encoding: br
expires: Wed, 08 Oct 2025 20:13:32 GMT
x-goog-stored-content-length: 164662
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/javascript
last-modified: Wed, 08 Oct 2025 09:10:59 GMT
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3LQqzH5eIGl2QsF6ltK9T6f0Gb8Bub46ULJzZSeqpwzgfKpQwWcgKm0cxuHXwGfVeV3
cache-control: public, max-age=900
timing-allow-origin: *
x-goog-storage-class: REGIONAL
cf-ray: 98b836a9fb52b10b-FRA
accept-ranges: bytes
x-goog-generation: 1759914659375722
content-length: 164662
server: cloudflare

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/0787f10e-ca64-4393-8cda-1b8744767af9/ 9 KB
3 KB 56ms
17ms Script
text/javascript 3.160.150.105
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/0787f10e-ca64-4393-8cda-1b8744767af9/launchpad-liveramp.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 251064baf918266911c39c75358e3be30d009e4d98a13dc973082f6e5379813a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
x-amz-version-id: SnPAkb3gE85JKewiOIIsnUcWZrJcnL.8
etag: W/"9319cc1f3df59eaecfe349b151d2d82a"
age: 63785
x-cache: Hit from cloudfront
x-amz-cf-id: G5u1trzWAtTKtnZmTgSJjGn3Od9WdQu2IrsV6KSRcfVUxd7QPjw4yg==
date: Wed, 08 Oct 2025 02:15:28 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Fri, 18 Apr 2025 15:39:32 GMT
content-disposition: attachment; filename="launchpad-liveramp.js"
x-amz-replication-status: COMPLETED
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 IIQUniversalID.js Show response
fem.gprod.postmedia.digital/v133.0/ 166 KB
44 KB 10ms
9ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://fem.gprod.postmedia.digital/v133.0/IIQUniversalID.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 49d6f05da6927c107df395d78174b75314890d8ce6deb15d2c0f30748e5dc065

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759243739
x-goog-hash: crc32c=0iV3zQ==, md5=1VwmSUd8kqAW/Mgs8efqNg==
content-encoding: br
etag: W/"d55c2649477c92a016fcc82cf1e7ea36"
age: 96020
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 169477
date: Tue, 07 Oct 2025 17:18:11 GMT
last-modified: Tue, 30 Sep 2025 14:49:16 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3IUl6KeVO2sAyHjkNRwsQRReigf4bpdA0kuhKJaQwl6BOWfCuHA2mLDT7KVQbLH9t1RoRd1YXA
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759243756975163
content-length: 44938
server: UploadServer

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510020101/ 596 KB
188 KB 8ms
8ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

400056c8a79d706e2e93938456645d459a8eef705cae535f9eb3a17150574c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
etag: 13803039666639492402
age: 31688
x-content-type-options: nosniff
expires: Thu, 08 Oct 2026 11:10:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 08 Oct 2025 11:10:23 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 192751
x-xss-protection: 0
server: cafe

GET
H2 200 3528 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
797 B 43ms
14ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3528
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: fdeaf00018129fff56ddcb03d2c1c43a1893cdc5d12bdbae125a0bf71dfd6761

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=3600
age: 318
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 531
x-amz-cf-id: UqEciIBVNGm9LoHd3ootiX1KH2WNsqYKfxUMeWi49HqBx7UytJYn2Q==
date: Wed, 08 Oct 2025 19:53:14 GMT
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
4 KB 124ms
123ms XHR
application/json 18.239.70.135
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-135.ams58.r.cloudfront.net
Software: Server /
Resource Hash: eb86e49243c7a1a96ec3c1e4bd7b9ab7c30bb93f18c1f595cd6efbb82b40569e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 6099a68d04a7ee2150888338bfdc451a.cloudfront.net (CloudFront)
access-control-allow-origin: https://o.canada.com
x-cache: Miss from cloudfront
content-length: 3420
x-amz-cf-id: C3CuoEZrOQZrDVbP3EDINgqTJFOOhAWNK3Tp_xXvLWqxxE4L40r_4A==
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: AMS58-P4
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 60ms
28ms XHR
application/javascript 18.239.70.135
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-135.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 49953
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 5AI_rcH0NIs-xJ92sCbIPqXJGt8NsHslaicLcGTnmk2gdWxrZvQl3w==
date: Wed, 08 Oct 2025 06:06:00 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: AMS58-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 108ms
69ms Preflight
application/json 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fo.canada.com%2F&domain=o.canada.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 08 Oct 2025 19:58:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 171301
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 55ms
25ms Fetch
application/json 104.16.174.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20251008

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.174.226 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e37a7b985176f00570610448c9d3453014374644bee0fb45a2a7253cfa1508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"64b-RuuXGjv0BvJVkiWUVZkTbv6ro6k"
age: 17871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49tbIFhWbWvnZ98O5uHpI7vLefbZmBU9rR%2FgI%2BX1MdSYSDJEfDyxPKLeWdfLygXT86lGVlQB3u16g8jnWj19v1mGgdS7hSa9nto2%2B%2B7lBMqMiNh418ct5sp9MdPPAu8MESA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-etou8220102-FRA, cache-vie6352-VIE
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 98b836ab9851d25e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 829
server: cloudflare
x-jsd-version: 1.0.2573

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
201 B 428ms
227ms Fetch
application/json 37.19.206.161
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=9.47.0&coppa=0
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.19.206.161 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-37-19-206-161.datapacket.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-origin: https://o.canada.com
content-length: 49
content-type: application/json
vary: origin
access-control-allow-credentials: true

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58877/ 2 B
250 B 157ms
91ms Fetch
application/json 87.248.119.252
YAHOO-IRD Yahoo-U...

General

Check archive.org

Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58877/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://o.canada.com/&pixelId=58877

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN34010 (YAHOO-IRD Yahoo-UK Limited, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000
age: 0
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://o.canada.com
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json
vary: Origin
server: ATS

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
371 B 97ms
69ms Fetch
application/json 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fo.canada.com%2F&domain=o.canada.com&cw=1&lsw=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 210134
expires: 0
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 195 B
643 B 119ms
64ms Fetch
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

30d272b85536201e2048467cbae2d9b2deecc1cec8ebe1831dd217cb5801a03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://o.canada.com
p3p: CP="CAO PSA OUR"
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

GET
H2 200 id5PrebidModule.js Show response
cdn.id5-sync.com/api/1.0/ 97 KB
28 KB 46ms
17ms Script
text/javascript 104.20.23.13
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.23.13 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec71f8e0dae619b8c2883e9430255c8014f85f47ac9569cc48fb5e3f16bc2abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-amz-id-2: pWYs6IadWuWlNVhJzyUkQEUrhboTx42nq4VJScFGuAQ8qv+14k2DdnGR1fS5ACApS/U0S1dFjgwloYxDXAsAMor7IgnDoXRPk1NBZAESef0=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"4e1ee4bf6ede8dbaa456c4efa3ca3ae7"
age: 1469
x-amz-request-id: S5JG3VK7TZR7FS8B
cf-ray: 98b836abacb5d9de-FRA
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 01 Oct 2025 09:17:22 GMT
vary: accept-encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
250 B 99ms
60ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=14359
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 08 Oct 2025 19:58:32 GMT
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 160ms
80ms Fetch
application/json 54.217.15.209
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://id.crwdcntrl.net/id

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.15.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-15-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://o.canada.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json;charset=utf-8

GET
H2 200 xd.js Show response
fem.gprod.postmedia.digital/v133.0/ Frame 8F58 10 KB
3 KB 9ms
8ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://fem.gprod.postmedia.digital/v133.0/xd.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/xd.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 140ef1f470f456735a46b138c5de05f69c8b2c377ffc8107342fd7e386a47529

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://fem.gprod.postmedia.digital/v133.0/xd.html

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759243739
x-goog-hash: crc32c=xK1zTw==, md5=gaGrMMimW0F3yoxAQfopOQ==
content-encoding: br
etag: W/"81a1ab30c8a65b4177ca8c4041fa2939"
age: 96021
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 10105
date: Tue, 07 Oct 2025 17:18:11 GMT
last-modified: Tue, 30 Sep 2025 14:49:18 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3IuxmmpdDDAw_u6p8YPll-3Kec3LYzvg7sbKib4MeLq4qcBBN479Sbri_cOPmFJorea
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759243758139059
content-length: 2989
server: UploadServer

POST
H2 200 player-event
events.qortex.ai/api/v1/ 0
0 132ms
100ms Fetch 172.67.73.177
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://events.qortex.ai/api/v1/player-event
Requested by: Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=joyykuFZyk6CDVfLK3jjIg&video-container=jw-qortex-target|cnx-main-container&continuous-load=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.73.177 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://o.canada.com/

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MfUtQI3iCj9wFeCx%2BSOZILnC22nCdbcu2jOBU2V0Ki6gzv9dRgI0jqSX8M9J6IMdvAKediCWz1%2BQuLBF7z5TffQr1Ymqu4siM%2FJiJCTYIQ%3D%3D"}]}
cf-ray: 98b836abdd82d27c-FRA
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Oct 2025 19:58:32 GMT
server: cloudflare

GET
H2 200 cx-bootstrapper-init Show response
tags.qortex.ai/cxo/ 70 KB
13 KB 12ms
12ms Script
application/javascript 104.26.1.62
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by: Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=joyykuFZyk6CDVfLK3jjIg&video-container=jw-qortex-target|cnx-main-container&continuous-load=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.62 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2d217a8be8258ef8e1280c9ef4ad33d8d4fdc690aa90658ad2b5e91424d33483

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: accept-encoding
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"3d0855778743dde19f81c96a2e605b47802829ce"
age: 13
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ap7kxkEU8dvn%2FIOKQ7DIWMO2LM5OoEHEjG%2F6E4Imlp1MO00IBfRVQhOSZHVNHnWKw7nNUo2XC7SzpARj%2BzwJNCSX%2BiSjLO6v2Z%2FNT2E%3D"}]}
cf-ray: 98b836abaac1dc78-FRA
access-control-allow-origin: *
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 14 Jul 2025 14:26:07 GMT
server: cloudflare
x-powered-by: Express

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 67 KB
22 KB 60ms
15ms Script
application/javascript 23.45.96.101
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.96.101 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-96-101.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 45bc6978e281a938d9485dcbf0859159b24e2f7c9b8b0fafc120b9606e0ea8b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "10ab4-63a0ee37f7c40-gzip"
expires: Wed, 08 Oct 2025 20:13:32 GMT
accept-ranges: bytes
content-length: 21994
date: Wed, 08 Oct 2025 19:58:32 GMT
last-modified: Wed, 16 Jul 2025 17:04:41 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 96ms
35ms Script
text/javascript 18.66.26.26
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.26.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-26-26.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90d31178c5dd71358da70acdf13073fbce415131213dc96f08f1ed961446a432

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"58f23dc43fcdfc27c26f32533d286496"
age: 62687
via: 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: rTipZywcv2MsLCH9mOuha0DEXw6Kf4vj96CQ1XKipFA0wdsIvhpZcA==
date: Wed, 08 Oct 2025 02:33:46 GMT
content-type: text/javascript
last-modified: Wed, 06 Aug 2025 15:21:37 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/ 232 KB
47 KB 62ms
40ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/config.js
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1156eee7ec6ff933e0b258b8081145e414e97369bb201f15a69421653c6c774e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "b67f951a9ce38188479d2f25b1907979"
age: 805
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: text/javascript
last-modified: Wed, 08 Oct 2025 19:45:04 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: DLD4qLc+E2vUZ41XVrJbjr/+Y5Zr+m/DTpMblEuKOcYI6MoExJHHdOWEB44lQcV4lCdYitJZsck=
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 98b836abcc7f9b52-FRA
x-amz-request-id: CNVZ80XJPN2VGN7A
accept-ranges: bytes
content-length: 47978
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 111 KB
32 KB 19ms
19ms Script
text/javascript 104.20.23.13
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.23.13 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85923d2029e9bfdd417506872899d7e494162b5ca2133c6a9014720cdec0747b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"60a50bc73c3764300939d11a7b938567"
age: 8
expires: Wed, 08 Oct 2025 20:58:32 GMT
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: text/javascript;charset=utf-8
vary: accept-encoding
last-modified: Wed, 01 Oct 2025 09:17:22 GMT
x-amz-id-2: y6eBuRtz023b4/f+50sQ5yoWwXvJmZiYwSNFQu68YQMmP/NHvPxiuOvSS2hvSC9qzz8zvXdZmmV6fl0bwAsbYNlzgQ9XwU5QqOkhN0M00ss=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
x-amz-request-id: 7141R6JVJQFHRH9F
cf-ray: 98b836abacd3d9de-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 d7640aba0c8429e07a0423.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 3 KB
1005 B 10ms
10ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/d7640aba0c8429e07a0423.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 47c381538fc2222bc5b89f3ad968aa519c06d862c80067fd9aa80b5e0ac5abe5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=7u5hag==, md5=XeMf8BlBKy4e8eYvq4hQ9A==
content-encoding: br
etag: W/"5de31ff019412b2e1ef1e62fab8850f4"
age: 96165
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2729
date: Tue, 07 Oct 2025 17:15:47 GMT
last-modified: Tue, 07 Oct 2025 17:05:54 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3LnJsi4naeBif-ediiBGYr0is7xoG2X-QWVJLC0unNabzpKRcYdlgL6Riceq46OpWLc
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856754025950
content-length: 974
server: UploadServer

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 103ms
59ms Image
image/gif 3.174.46.124
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=fealy_728x90_
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.174.46.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-174-46-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age: 2016452
x-cache: Hit from cloudfront
x-amz-cf-id: 5jfsHw339y1EvGkrikJhSir-8Q6xa2eXX3lekSmmKOawwfP4g0pVTA==
date: Mon, 15 Sep 2025 11:51:01 GMT
content-type: image/gif
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 4e1314772b3c0b58ac25bd1a65436480.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: FRA60-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 0
0

GET ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ 0
0

GET
H3 200 26d92fc3fb08ab30fdbb3.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 14 KB
4 KB 10ms
9ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/26d92fc3fb08ab30fdbb3.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fc5bdcb0072e455fd1ab58dade027b9144e2b6d50aa3f8c0d1efff9be2322330

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=29z70Q==, md5=Q65/bM/otf67yTrHZOshHg==
content-encoding: br
etag: W/"43ae7f6ccfe8b5febbc93ac764eb211e"
age: 96165
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 14485
date: Tue, 07 Oct 2025 17:15:47 GMT
last-modified: Tue, 07 Oct 2025 17:05:51 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3JRP5-674xRMJDutqaTwa6y5NH-9zMEdI2Iqr60XRWQcZlIufbYK9VcV9BfZriRgoiA
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856751837074
content-length: 3810
server: UploadServer

GET
H3 200 fb65957e39f08ac2d74769.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 222 B
251 B 15ms
14ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/fb65957e39f08ac2d74769.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 427f5f3c0406cb120d6c6cf103e5666a16dfc458d741eac307b04c8b672f1185

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=OAYLiw==, md5=eAZ8d2AlcBlu19TV3dqZdg==
etag: "78067c77602570196ed7d4d5ddda9976"
age: 96165
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 222
date: Tue, 07 Oct 2025 17:15:47 GMT
last-modified: Tue, 07 Oct 2025 17:05:54 GMT
content-type: text/javascript
x-guploader-uploadid: AAwnv3L0YEIbNAhZ5D_YOvNyURfep-o6l_0nxsvTSQw-QatAF12oVIhQ9SbD9ncWFUAd4eQP
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1759856754520120
content-length: 222
server: UploadServer

GET
H2 200 head-of-a-baby_jo04_298935905.jpg
smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2025/10/ 14 KB
14 KB 12ms
11ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2025/10/head-of-a-baby_jo04_298935905.jpg?quality=90&strip=all&w=344&type=webp&sig=vAN6b6vQStBULwBukq2Zig
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: fe9670c500874fd282af5f073bf3c6005ee3ae080b0365d3e2b536d5ac49c3c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=31536000,public
etag: "ac8bd3d92cbb470c3fcad575f74a2d85af204b23"
age: 14867
via: 1.1 google
x-pmd-smart-cdn-proxy: thumbor-proxy-5bf4b87ddd-t7n2l
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13950
date: Wed, 08 Oct 2025 15:50:45 GMT
content-type: image/webp
x-pmd-smartcdn-requester: ottawacitizen
server: nginx/1.18.0
vary: Accept

GET
H3 200 78bf93cc26b97ca7c1d256.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 7 KB
2 KB 14ms
13ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/78bf93cc26b97ca7c1d256.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 211d072cc2d5a4b0f3c665be0c2a680e478fe20e464848ee5d7bdd3ef76d9352

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=uC25Qw==, md5=RDgCneyU+K8DJiCDL+gOdA==
content-encoding: br
etag: W/"4438029dec94f8af032620832fe80e74"
age: 96165
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6907
date: Tue, 07 Oct 2025 17:15:47 GMT
last-modified: Tue, 07 Oct 2025 17:05:52 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3KrN5Qd27bAwUTYauXemqcjYeEMY0SH6zqwg25h5TtganBdLpbhAvv5t8JTx5xEnHui
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856752755468
content-length: 2309
server: UploadServer

GET
H3 200 1f3f26ebd5b9c2ac299239.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 5 KB
2 KB 16ms
15ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/1f3f26ebd5b9c2ac299239.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ffc24b3b20bde95bff216027489bebab4527836e7f010670cb32fc641bf8c5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=BmdOIg==, md5=qLEAMXhzdgszU5vzZhl5AQ==
content-encoding: br
etag: W/"a8b100317873760b33539bf366197901"
age: 96165
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5537
date: Tue, 07 Oct 2025 17:15:47 GMT
last-modified: Tue, 07 Oct 2025 17:05:51 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3I3MACsjD_MHBf-SdJqukUNCj3qYVp-B9zVayg6YCtuMstFeXasUDm7GVL-jarD0IgU
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856751775292
content-length: 1797
server: UploadServer

GET
H3 200 4aad149f00ca24c5166312.js Show response
dcs-static.gprod.postmedia.digital/19.7.1/websites/js/ 2 KB
1015 B 15ms
15ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/4aad149f00ca24c5166312.js
Requested by: Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/main.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c0b2ecdcae18382a804675bd1bbbfefd557245a464402a308bc79bfc55e73699

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419261
x-goog-hash: crc32c=NgwFOQ==, md5=4dur6pKtKllYRmMyclmw8Q==
content-encoding: br
etag: W/"e1dbabea92ad2a59584663327259b0f1"
age: 96098
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2239
date: Tue, 07 Oct 2025 17:16:54 GMT
last-modified: Tue, 07 Oct 2025 17:05:52 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3JuxfYZNSyYf5z_XBkOdybYyMDQoxErmf6l1N4iqEJ5IPieZ6XVGZ3A_KukgHvLsMbpICEYAw
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856752415610
content-length: 984
server: UploadServer

POST
H2 204 beacons
p.flipp.com/ 0
0 414ms
194ms Fetch 3.232.126.205
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201179443
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.126.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-126-205.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://o.canada.com/

Response headers

access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:32 GMT
x-envoy-upstream-service-time: 2
vary: Origin
server: istio-envoy
access-control-allow-credentials: true

GET
H2 451 712559.gif
idsync.rlcdn.com/ 0
98 B 101ms
63ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/712559.gif?partner_uid=5bddd09a-d327-431f-8be7-45ad9a60e48f
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 08 Oct 2025 19:58:32 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 165 KB
39 KB 44ms
10ms Script
application/x-javascript 13.32.27.70
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/0787f10e-ca64-4393-8cda-1b8744767af9/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.70 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-70.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a6e7e53a78b78ae20b97034beec7728a151233e2b9ceccd24daa40dace1662e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: accept-encoding
cache-control: must-revalidate,public,max-age=3600
content-encoding: gzip
x-amz-version-id: BobnDhREpLxWUEJlTU1YQ0e87XCThdO4
etag: W/"9c5757df50353292a889556d8e828cd9"
age: 3402
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: G7kqrYcHJ2iOuAQvP2gm_6hTuhnVQVCZpERWFOtkyoDERFG3HMYJKA==
date: Wed, 08 Oct 2025 19:01:51 GMT
content-type: application/x-javascript
last-modified: Wed, 17 Sep 2025 16:53:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 11ms
9ms Image
text/plain 18.244.18.27
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_fpcu=08954ae1ec634b0c9a0eb5a11b1456b7&cs_it=b1&cv=4.13.1%2B2508250908&ns__t=1759953512315&ns_c=UTF-8&cs_cfg=1111110&cs_ucfr=&c7=https%3A%2F%2Fo.canada.com%2F&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c9=
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: W5J6-NwNCtxsp_YwfOJNVJhYS7NeG-oK2p7VYv4v1aXBerJT_lCDJw==
date: Wed, 08 Oct 2025 19:58:32 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

OPTIONS
H2 200 bid
aax.amazon-adsystem.com/e/dtb/ Frame 0
0 159ms
89ms Preflight 13.33.186.215
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.186.215 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-186-215.fra60.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods: POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Wed, 08 Oct 2025 19:58:32 GMT
server: Server
via: 1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
x-amz-cf-id: msVXnP2BeejsiqAj5rDAITLR9ltqCpq2DUBLA5Dkogq2P67qbbuSaA==
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront

POST
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 66 B
425 B 73ms
53ms Fetch
application/json 13.33.186.215
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.186.215 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-186-215.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 854c59da152f6eee070e91bfcae8848f37d50546b827990c541e097d1b28a3e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront)
access-control-allow-origin: https://o.canada.com
x-cache: Miss from cloudfront
content-length: 83
x-amz-cf-id: 31ueC1mgXU7_1-tBvCIZlxCWuph9n1swCci3O-p7JpwL6YklJ7MJgA==
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json;charset=UTF-8
vary: Origin
server: Server
x-amz-cf-pop: FRA60-P9

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
0 235ms
235ms Fetch
application/json 37.19.206.161
CDN77 Datacamp Li...

General

Check archive.org

Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=9.47.0&coppa=0
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.19.206.161 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: unn-37-19-206-161.datapacket.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-origin: https://o.canada.com
content-length: 49
content-type: application/json
vary: origin
access-control-allow-credentials: true

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58877/ 2 B
32 B 59ms
59ms Fetch
application/json 87.248.119.252
YAHOO-IRD Yahoo-U...

General

Check archive.org

Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58877/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://o.canada.com/&pixelId=58877

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN34010 (YAHOO-IRD Yahoo-UK Limited, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000
age: 0
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://o.canada.com
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json
vary: Origin
server: ATS

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
370 B 70ms
56ms Fetch
application/json 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fo.canada.com%2F&domain=o.canada.com&cw=1&lsw=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 249676
expires: 0
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 196 B
453 B 74ms
73ms Fetch
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

5a8f11e92f224e9348fb3ad44b373d6ea89ef5f18ce7e30af7b06167cccc4fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://o.canada.com
content-encoding: gzip
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-credentials: true

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
316 B 66ms
66ms Fetch
application/json 54.217.15.209
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://id.crwdcntrl.net/id

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.217.15.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-217-15-209.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://o.canada.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json;charset=utf-8

OPTIONS
H2 503 page_load
pb-ing-postmedia.ccgateway.net/ping/v1.0/parent/d3510145d6/engagement/trigger/ Frame 0
0 779ms
377ms Preflight
text/html 34.213.159.49
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://pb-ing-postmedia.ccgateway.net/ping/v1.0/parent/d3510145d6/engagement/trigger/page_load
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.159.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-159-49.us-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

content-length: 104
content-type: text/html; charset=utf-8
date: Wed, 08 Oct 2025 19:58:33 GMT
server: awselb/2.0

POST page_load
pb-ing-postmedia.ccgateway.net/ping/v1.0/parent/d3510145d6/engagement/trigger/ 0
0

GET 49180bf2-828b-4b06-b589-a8b434b6ddef
https://o.canada.com/ 0
0

GET
H2 200 pxid Show response
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 46 B
379 B 89ms
60ms XHR
application/json 35.241.9.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c42c97380d5c6c727b9d1fceefbffc8f9f6fb223c20ca84dfb48fa074cf04bfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json
vary: Origin
server: Permutive

GET getuidj
ib.adnxs.com/ 0
0

GET
H2 200 topics.html Show response
cdn.permutive.app/ Frame AE47 947 B
895 B 54ms
21ms Document
text/html 104.18.35.13
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.permutive.app/topics.html
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.13 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f09670f35d13887fd7108f16a6f2803c596a0bc83071e03a264fac5dba2ed0

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: max-age=86400, public
cf-cache-status: DYNAMIC
cf-ray: 98b836ad7d411c22-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 08 Oct 2025 19:58:32 GMT
etag: W/"a8522ab0dc78bd982219a29bf045ed47"
expires: Thu, 09 Oct 2025 19:18:45 GMT
last-modified: Fri, 26 Apr 2024 16:31:08 GMT
server: cloudflare
timing-allow-origin: *
x-goog-generation: 1714149068764957
x-goog-hash: crc32c=67icPw== md5=qFIqsNx4vZgiGaKb8EXtRw==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 947
x-guploader-uploadid: AAwnv3JPtgfoHzhvW3LuoxHoUdYNzSowXA0IsvxxJ3UQX3EkqQWn0O_-hqljFqYZML-AGf8

GET
H2

201

sync
googlesync.permutive.com/v2.0/px/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0&google_tc=
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPRqQdt1umRLIW9FuTpRYzs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0&google_cver=1

35 B
167 B

91ms
63ms

Image
image/gif

34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPRqQdt1umRLIW9FuTpRYzs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0&google_cver=1
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: image/gif
vary: Origin
server: Permutive

Redirect headers

cache-control: no-cache, must-revalidate
location: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEPRqQdt1umRLIW9FuTpRYzs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=8e604233-a541-4b22-bb64-72f95a01ecb7&gdpr=0&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 415
date: Wed, 08 Oct 2025 19:58:32 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 id5-api-js Show response
api.id5-sync.com/analytics/1674/ 681 B
572 B 117ms
69ms Fetch
application/json 162.19.138.116
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://api.id5-sync.com/analytics/1674/id5-api-js

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a6e8a647167a5eac30ee3016ecbe5a43bbe70cac89003acdcbf5b9b7e01dbed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=300, public
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 08 Oct 2025 19:58:31 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

GET
H2 200 promotional Show response
o.canada.com/api-root/feature_bar/ 2 KB
891 B 103ms
102ms Fetch
text/html 34.117.147.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://o.canada.com/api-root/feature_bar/promotional?format=html

Requested by

Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/js/78bf93cc26b97ca7c1d256.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

204.147.117.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

3c38c6d4f9561441a49d10c09daa98b043a6b36bc5c4c2b8a35e0585ba359d58

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 20:03:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:32 GMT
last-modified: Wednesday, 08-Oct-2025 19:58:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Accept-Language, Origin
x-frame-options: SAMEORIGIN
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
cache-control: max-age=300,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-pmd-backend: pmd-nginx-proxy-6978cb7d6c-hj5xj
cross-origin-opener-policy: same-origin-allow-popups
x-envoy-upstream-service-time: 5
referrer-policy: strict-origin-when-cross-origin
x-envoy-decorator-operation: pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via: 1.1 google
permissions-policy: autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
content-language: en
server: istio-envoy

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
497 B 102ms
101ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 47b327cda108b7562aafcf5bdf1c4c002c6ecec8e7f6b69ae0b5af74e6ac6f2b

Request headers

x-lib-version: v1.0.1
authorization: Bearer b9d3df2fccd108b5eff3c44f573b2cd6
Referer: https://o.canada.com/
x-referring-url: https://o.canada.com/
accept: application/json
content-type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
pragma: no-cache
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
access-control-allow-credentials: true
allowedorigins: *
expires: -1
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
content-length: 196
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json
vary: Accept-Encoding

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 314ms
100ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://o.canada.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Wed, 08 Oct 2025 19:58:32 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202509241039/ 387 KB
139 KB 19ms
18ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202509241039/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/dqzP001U6CvfmEQNxKTyCMgOlPA/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e084390e566ab8118e70fac81864a5e3c4fa4af73b412edd5ef237419b1b1b20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "1fbcc4628803a2c1de2c796fb82ee251"
age: 1220454
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 24 Sep 2025 16:00:14 GMT
vary: accept-encoding
priority: u=3,i=?0
x-amz-id-2: 86dWU4Xlhn0T+Wkr5HqchJ81s6T3SAP+jm4R7J2diTEi6WN32+UC5sST7Z3SGPyrhBxxe/BBWQoJKMxu/sEX3BPPFt1HfR0uNZuZnFMgIuA=
cache-control: public, max-age=31536000
cf-ray: 98b836adae079b52-FRA
x-amz-request-id: CA9YJ3PFC7F5AES4
accept-ranges: bytes
content-length: 141566
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
630 B 49ms
49ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-amz-apigw-id: SHoZlGC1DoEEDJQ=
age: 41311
x-amzn-trace-id: Root=1-68e62109-66156fcf52f8dbfb2b99b5e4;Parent=143d63611ab742d2;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: 6d0a6026-f05e-4680-bda5-3946012cc850
via: 1.1 2d859daa66fde82c2a8685f4b0ee0dbe.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 30
x-amz-cf-id: IDtGOEGDBQrRkSKwrMzwxbuRudJ6FwWc5uc7fBFyjjj4pOXWHTARrw==
date: Wed, 08 Oct 2025 08:30:01 GMT
content-type: application/json
x-amz-cf-pop: FRA50-P2, FRA60-P3
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 86ms
57ms Preflight
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
age: 52691
content-length: 0
content-type: application/json
date: Wed, 08 Oct 2025 05:20:21 GMT
via: 1.1 7f01ac3c2b3b2aec2108ed414afd3146.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-apigw-id: SHMnXG8FDoEEo5A=
x-amz-cf-id: qORoYIUOd4HcJK8G5Gt13L8XG8ybiIuD_J1uby1Xs_Atn-bqi3MOgA==
x-amz-cf-pop: FRA50-P2 FRA60-P3
x-amzn-requestid: f63a0a61-3bde-4f92-a422-2a31bb28eae3
x-cache: Hit from cloudfront

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510070101/ 63 KB
23 KB 16ms
16ms Other
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510070101/gpt

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 13283420341987886150
age: 52172
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 05:29:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 08 Oct 2025 05:29:00 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23314
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202510070101"

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 37ms
20ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 3877a8858bdaaae2e85cd4606197b695b323ecde59215207070e1339b2404027

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json
vary: Origin
server: Permutive

GET
BLOB 200
OK 99adfa39-a21f-41a8-bd6d-ca9ffea7c1a1 Show response
https://o.canada.com/ Frame 1607 5 KB
0 Script
application/javascript

General

Check archive.org

Download Go to

Full URL: blob:https://o.canada.com/99adfa39-a21f-41a8-bd6d-ca9ffea7c1a1
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202509241039/wrap.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b56bad1bbf4888ec9333360259e48ede77e3e4bc86da5dd3afb8d1a9f51b60a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: application/javascript
Content-Length: 5591

POST
H3 200 4jvsh6hlz0djqla8wtzq25xi Show response
kindhush.com/lr59cb/ 303 B
327 B 46ms
27ms Fetch
application/json 34.120.37.167
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://kindhush.com/lr59cb/4jvsh6hlz0djqla8wtzq25xi

Requested by

Host: kindhush.com
URL: https://kindhush.com/static/h5brpd/b43ftj.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.37.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

167.37.120.34.bc.googleusercontent.com

Software

hoothoot/2057348350 /

Resource Hash

8b03241c09c8f82195628c4882ab3129c3fd25811ed135fee9ef5f45d05f4951

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
via: fen-hoothoot-europe-west1-ffgg.gce-europe-west1, 1.1 google
expires: Wed, 08 Oct 2025 19:58:31 GMT
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: hoothoot/2057348350
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H3 200 favicon-canada.ico
dcs-static.gprod.postmedia.digital/19.7.1/websites/images/canada/ 1 KB
581 B 11ms
10ms Other
image/vnd.microsoft.icon 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://dcs-static.gprod.postmedia.digital/19.7.1/websites/images/canada/favicon-canada.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b3a6707b53120e361c443438c8f8b44d833ab5a5bb2277a3a76818a19ff2ba60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759419259
x-goog-hash: crc32c=HUAgaQ==, md5=FjzAthT4kGUhDZ9ffF7gVw==
content-encoding: br
etag: W/"163cc0b614f89065210d9f5f7c5ee057"
age: 91393
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1150
date: Tue, 07 Oct 2025 18:35:19 GMT
last-modified: Tue, 07 Oct 2025 17:05:27 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3LzHX-kplZgynXfpgURJoVEQsSXU1BmrcZxOlBEwEYxfOm-YEAV-tRDCFnbbeaCaO6CwlcnyU0
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759856727778055
content-length: 542
server: UploadServer

GET d3510145d6
pb-ing-postmedia.ccgateway.net/ping/v1.0/realtime/ 0
0

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 195ms
52ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 195ms
53ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 197ms
54ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 201ms
58ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 195ms
53ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 200ms
57ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 195ms
54ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 199ms
57ms Preflight 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-131-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version,Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://o.canada.com
access-control-max-age: 3600
allow: OPTIONS,POST
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 109ms
43ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0c796670ee4aa954132473f3572e37cacfa64d8d3e2ce5fb2ca84c45ef4e1231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
397 B 107ms
42ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

84a374c58f2d1a4189d733a5ef23e60ef9a9efa59f617df7fecdadd4e1f541c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 109ms
42ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1acac49ee8d1cd62c991d8cdfcd227e86fd8c5d5baafea90062f7c3f3a8f2caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 109ms
46ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e28fc8b2518b0d9ace6a9d9d30953ef4acb0b15bcfd368164e88956c29fd2d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 171ms
104ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3857a86cad557e903298f49f058998de3d3ce14b1674a3e07732364db6fc14c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 113ms
50ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ebadaf46fcc2caab1485f89189b4761b5000608e61852742927e341dbe3b8f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 117ms
53ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b1deb7e7c4ac45360d4dcce2a428d3293670703ff4cd95e91ba3a2f7b58a9662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
396 B 113ms
49ms Fetch
application/json 54.216.131.59
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://c2shb.pubgw.yahoo.com/bidRequest

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.131.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-131-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

47f1eb3a3ae87512cd3f5700161ffd35436f2791e21529f2e38465b5ee7d367d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

x-openrtb-version: 2.5
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,POST
allow: OPTIONS,POST
x-content-type-options: nosniff
access-control-allow-origin: https://o.canada.com
content-length: 66
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
access-control-allow-headers: x-openrtb-version,Content-Type

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
570 B 260ms
224ms Fetch
application/json 34.36.209.34
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.209.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 34.209.36.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 207
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
expires: Wed, 08 Oct 2025 19:58:33 GMT
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
219 B 146ms
74ms Fetch 178.250.1.38
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.47.0&cb=46394039180&lsavail=1&networkId=6498

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.38 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:32 GMT
vary: Origin
server: Kestrel

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
119 B 64ms
14ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
118 B 67ms
17ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
118 B 66ms
16ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
118 B 65ms
16ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
118 B 71ms
21ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
118 B 71ms
21ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
118 B 66ms
16ms Fetch 18.185.116.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.116.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-116-170.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://o.canada.com
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 920 B
903 B 66ms
64ms Fetch
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

7ff22ecf8778332a69c9d2bf3d1c51e206c412e4b7b6ae72a0b03ba4b597fb79

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 149.88.24.195; 149.88.24.195; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://o.canada.com
an-x-request-uuid: 82def30d-21fe-4e98-aa68-966329774ba1
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 08 Oct 2025 19:58:33 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.25.5

POST
H2 200 prebid-exchange.json Show response
fastlane.rubiconproject.com/a/api/ 123 B
328 B 279ms
210ms Fetch
application/json 69.173.156.138
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/prebid-exchange.json?as=14648-359816&m=banner&s=8
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.156.138 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: aaf39a997cfdda5c558e0b42ca4e1ffa01fabdc87d3fd117b792a26181deb457

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://o.canada.com
content-length: 123
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 132 B
626 B 85ms
60ms Fetch
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e559e1f8701c7a7c06671133b69a5986f86c633be86b4f21e678455cb7f90c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=z%2FYN%2BlCylLBDWU1VAKqhkPEASRgPzvR1zHOdEUZF1NLNIxnlCOKXge3ELN385mBnjcXiyh4eWh5IHNcOjeFQogkAgw02QAz56k%2FQ7y8U8%2Fwo%2Fiw%3D"}]}
observe-browsing-topics: ?1
expires: 0
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 98b836b07afe8f2f-FRA
access-control-allow-origin: https://o.canada.com
content-length: 117
server: cloudflare

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
262 B 101ms
63ms Fetch
text/plain 35.186.253.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 68f4e5dc17f702af9c0f934df27febac77683ab8892851cd24500ff9eabb4729

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

x-forwarded-for: 149.88.24.195
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: text/plain
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
305 B 123ms
65ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL

https://hbopenbid.pubmatic.com/translator?source=prebid-client&gzip=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials: true
observe-browsing-topics: ?1
pmfcgi-resp: TRUE
access-control-allow-origin: https://o.canada.com
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 08 Oct 2025 19:58:33 GMT
server: nginx

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
301 B 16ms
16ms Fetch
text/plain 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: text/plain;charset=utf-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
156 B 111ms
61ms Fetch
application/json 54.36.115.242
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.115.242 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: /
Resource Hash: 5f78db91cb014c07d1d0a6adc30dbb2e490bfcb3d41d56a8c4ebdacca9393b49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-origin: https://o.canada.com
content-length: 54
date: Wed, 8 Oct 2025 19:58:33 GMT
content-type: application/json
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
333 B 110ms
68ms Fetch
application/json 162.19.138.118
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

30626341254f8c2e57caceea03a56bd3a4e1b694983e493dc6eaae52e01ad49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://o.canada.com
content-encoding: gzip
date: Wed, 08 Oct 2025 19:58:32 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

GET
H2 200 / Show response
d0.eu-3-id5-sync.com/ 1 B
143 B 102ms
63ms Fetch
text/plain 135.125.145.78
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d0.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.145.78 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip78.ip-135-125-145.eu
Software: /
Resource Hash: ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-3-id5-sync.com/ 1 B
143 B 116ms
73ms Fetch
text/plain 51.195.73.74
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d1.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip74.ip-51-195-73.eu
Software: /
Resource Hash: d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-3-id5-sync.com/ 1 B
143 B 115ms
72ms Fetch
text/plain 51.195.73.74
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d2.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.74 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip74.ip-51-195-73.eu
Software: /
Resource Hash: d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-3-id5-sync.com/ 1 B
143 B 108ms
62ms Fetch
text/plain 51.195.115.36
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d3.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip36.ip-51-195-115.eu
Software: /
Resource Hash: 4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-3-id5-sync.com/ 1 B
143 B 116ms
74ms Fetch
text/plain 51.195.73.113
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d4.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-3-id5-sync.com/ 1 B
143 B 108ms
63ms Fetch
text/plain 51.195.126.30
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d5.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-3-id5-sync.com/ 1 B
143 B 117ms
74ms Fetch
text/plain 51.195.115.36
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d6.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip36.ip-51-195-115.eu
Software: /
Resource Hash: 4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-3-id5-sync.com/ 1 B
143 B 119ms
72ms Fetch
text/plain 51.195.34.220
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d7.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.220 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip220.ip-51-195-34.eu
Software: /
Resource Hash: 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d0.eu-4-id5-sync.com/ 1 B
143 B 120ms
74ms Fetch
text/plain 51.195.73.82
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d0.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.82 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-51-195-73.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-4-id5-sync.com/ 1 B
143 B 111ms
69ms Fetch
text/plain 135.125.140.162
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d1.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-4-id5-sync.com/ 1 B
143 B 109ms
67ms Fetch
text/plain 135.125.146.86
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d2.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.86 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip86.ip-135-125-146.eu
Software: /
Resource Hash: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-4-id5-sync.com/ 1 B
143 B 116ms
74ms Fetch
text/plain 51.195.73.82
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d3.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.82 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-51-195-73.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-4-id5-sync.com/ 1 B
143 B 111ms
71ms Fetch
text/plain 51.195.73.82
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d4.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.82 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-51-195-73.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-4-id5-sync.com/ 1 B
143 B 119ms
73ms Fetch
text/plain 51.195.73.82
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d5.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.82 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-51-195-73.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-4-id5-sync.com/ 1 B
143 B 120ms
74ms Fetch
text/plain 135.125.146.86
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d6.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.86 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip86.ip-135-125-146.eu
Software: /
Resource Hash: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-4-id5-sync.com/ 1 B
143 B 108ms
68ms Fetch
text/plain 51.195.34.255
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://d7.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.255 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip255.ip-51-195-34.eu
Software: /
Resource Hash: 6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 17ms
17ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e07c414c85bc303ab437bf81236d6a875493ca9c76be882c1b2a742b431a86da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
vary: Origin
server: Permutive

POST
H2 200 v3 Show response
id5-sync.com/gm/ 665 B
920 B 34ms
32ms XHR
application/json 141.95.33.120
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

4c8232918e41a7e9c0ccd7f2bc74fbbc4306a2cf735c973f85b7d7343c3241c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H3 200 aafa5ae68a0e6fd708de.js Show response
fem.gprod.postmedia.digital/v133.0/chunks/ 3 KB
1 KB 10ms
9ms Script
text/javascript 34.117.54.29
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://fem.gprod.postmedia.digital/v133.0/chunks/aafa5ae68a0e6fd708de.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 29.54.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 15e158253fc317d4b939e2db2aa23a5ec53668f909a230dd8f05bf33ffaf85db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1759243739
x-goog-hash: crc32c=uG8/qg==, md5=eDRXDdREGeef+zTZwDdBWg==
content-encoding: br
etag: W/"7834570dd44419e79ffb34d9c037415a"
age: 95986
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3187
date: Tue, 07 Oct 2025 17:18:47 GMT
last-modified: Tue, 30 Sep 2025 14:49:16 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3JhyNMGumrUTED0chn_Oq1Hf45BXOCKB1X_56953FOXdOOAh4WikEh8eFWdG24jGu8I
cache-control: public,max-age=31622400
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: *
x-goog-generation: 1759243756733428
content-length: 1102
server: UploadServer

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 44ms
27ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202510020101&st=env&sjk=4933375486815223

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5e7ee5008fa4dcb54ad2339b72d838e04ffa041aaf4b9e279f5a14e443775f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13630
date: Wed, 08 Oct 2025 19:58:33 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 7 KB
388 B 710ms
691ms Fetch
text/plain 216.58.206.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4933375486815223&correlator=507498721427664&eid=31085777%2C83322295%2C83321072%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202510020101&ptt=17&impl=fifs&iu_parts=3081%2Cccn.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x90%7C970x90%7C728x90%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C320x50%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0%2Cheight%2C0&ifi=1&didk=390648829~390648828~3147356942~390648827~3147356943~390648826~3147356940~390648825~3147356941~390648824~3147356938~390648775~3147356939~390648774&dids=ad-1~ad-2~ad-native-1~ad-3~ad-native-2~ad-4~ad-native-3~ad-5~ad-native-4~ad-6~ad-native-5~ad-7~ad-native-6~ad-8&adfs=2345078377~173606284~1951338044~604144965~4137165769~2385200358~1825426917~1086182170~2729659929~1989308508~1497422375~3408768434~2174931058~333130945&sfv=1-0-45&eri=1&sc=1&lrm=25&abxe=1&dt=1759953513388&lmt=1759953456&adxs=200%2C797%2C768%2C797%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200%2C768%2C200&adys=202%2C1206%2C1552%2C2572%2C2933%2C3897%2C4261%2C5212%2C5572%2C6539%2C6885%2C7821%2C8167%2C8557&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fo.canada.com%2F&vis=1&psz=1600x90%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=0%2C0%2C4%2C0%2C4%2C0%2C4%2C0%2C4%2C0%2C4%2C0%2C4%2C0&ohw=0%2C0%2C628%2C0%2C628%2C0%2C628%2C0%2C628%2C0%2C628%2C0%2C628%2C0&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJGIxZGNlMzY0LTE1ODctNGM3OC1hZGU3LThlNGI0YjFmZWU0NVgB&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1759953511776&idt=546&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_topbanner_1_1200x90%257C970x90%257C728x90_rc0%26amznbid%3D2%26amznp%3D2%7Cpos%3Dinterscroller1%26loc%3D2%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_2_6x6%257C1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26pos%3Dstory-card%26loc%3D1%26ad_cfp%3Ddtw_hp_native_story-card_1_fluid_rc0%26amznbid%3D2%26amznp%3D2%7Cpos%3Dinterscroller2%26loc%3D3%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_3_7x7%257C1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26pos%3Dstory-card%26loc%3D2%26ad_cfp%3Ddtw_hp_native_story-card_2_fluid_rc0%26amznbid%3D2%26amznp%3D2%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_4_1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26pos%3Dstory-card%26loc%3D3%26ad_cfp%3Ddtw_hp_native_story-card_3_fluid_rc0%26amznbid%3D2%26amznp%3D2%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_5_1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26pos%3Dstory-card%26loc%3D4%26ad_cfp%3Ddtw_hp_native_story-card_4_fluid_rc0%26amznbid%3D2%26amznp%3D2%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_6_1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26pos%3Dstory-card%26loc%3D5%26ad_cfp%3Ddtw_hp_native_story-card_5_fluid_rc0%26amznbid%3D2%26amznp%3D2%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_7_1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2%7Cslot%3Dinfeed%26pos%3Dstory-card%26loc%3D6%26ad_cfp%3Ddtw_hp_native_story-card_6_fluid_rc0%26amznbid%3D2%26amznp%3D2%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26ad_cfp%3Ddtw_hp_display_infeedfw_8_1200x250%257C1200x90%257C970x90%257C970x250%257C728x90%257C300x250_rc0%26amznbid%3D2%26amznp%3D2&cust_params=permutive%3D96400%252Cadv%252Crts%252Crts%252Crts%26prmtvvid%3D4f407f92-a585-4d7a-a5c2-c1abd4cc187d%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dccn%26sensitive%3Dn%26negative%3Dn%26site%3D3%26ck%3Dindex%26imp%3Dindex%26prmtvctx%3Dbzng%252Crts%252Crts%252Crts%26intent_iq_group%3DU%26prmtvsdk%3Dweb&adks=684166495%2C1341624894%2C3854601707%2C3283421726%2C3854601706%2C4217552501%2C3854601685%2C4217552500%2C3854601684%2C4217552503%2C3854601687%2C4217552502%2C3854601686%2C4217552505&frm=20&eoidce=1&gblpids=%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1~%2F3081%2Fccn.com%2Findex%23ad-1&pb_szs=970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250~970x90%7C728x90%7C970x250%7C300x250&pbbce=1&td=1&egid=11853&tan=abbda2c2-bbea-4bd6-a575-7d82a55a5463%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5464%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5465%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5466%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5467%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5468%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5469%2Cabbda2c2-bbea-4bd6-a575-7d82a55a546a%2Cabbda2c2-bbea-4bd6-a575-7d82a55a546b%2Cabbda2c2-bbea-4bd6-a575-7d82a55a546c%2Cabbda2c2-bbea-4bd6-a575-7d82a55a546d%2Cabbda2c2-bbea-4bd6-a575-7d82a55a546e%2Cabbda2c2-bbea-4bd6-a575-7d82a55a546f%2Cabbda2c2-bbea-4bd6-a575-7d82a55a5470&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

028ec45edf733921529b5c9a09c8944ae439394da6d07b5519c52d108bf5ec57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://o.canada.com
content-length: 359
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 4218 7 KB
3 KB 39ms
16ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Oct 2025 19:58:33 GMT
expires: Wed, 08 Oct 2025 19:58:33 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 20 KB
7 KB 50ms
17ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 19:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 198ms
91ms Preflight 54.246.81.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://o.canada.com
Appname: postmedia
Cache-Control: no-cache
Connection: keep-alive
Date: Wed, 08 Oct 2025 19:58:33 GMT
Expires: -1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Requestid: ad0a4246-8495-4189-abf9-4caf48f1737b
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: EU-West Primary - IDX - AWS
X-Server: ms_idx_primary

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
755 B 161ms
86ms Fetch
application/json 54.246.81.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: application/json
Referer: https://o.canada.com/

Response headers

Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Expires: -1
Requestid: dafe6d36-60fd-4112-91c5-9fd5ad680a30
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 08 Oct 2025 19:58:33 GMT
Appname: postmedia
Content-Type: application/json
X-Server: ms_idx_primary
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache
X-LoginRadius-Server: EU-West, Primary - IDX - AWS
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://o.canada.com
Content-Length: 38
Server: nginx

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame C3AF 13 KB
5 KB 30ms
10ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Oct 2025 19:39:57 GMT
expires: Wed, 08 Oct 2025 20:29:57 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 waf1wxEitaZLHIvTAFIntn6mfm24VjvzAbNnfTTrdg8.js Show response
pagead2.googlesyndication.com/bg/ Frame C3AF 54 KB
21 KB 26ms
9ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/waf1wxEitaZLHIvTAFIntn6mfm24VjvzAbNnfTTrdg8.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c1a7f5c31122b5a64b1c8bd3005227b67ea67e6db8563bf301b3677d34eb760f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 82601
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 07 Oct 2026 21:01:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Oct 2025 21:01:52 GMT
last-modified: Mon, 29 Sep 2025 10:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21032
x-xss-protection: 0
server: sffe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame C3AF 0
40 B 8ms
7ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?DFODHA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT
cross-origin-resource-policy: cross-origin

GET
H2 200 signinprompt Show response
edge-auth.microsoft.com/v0.5/ Frame DDFC 472 B
930 B 127ms
79ms Document
text/html 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=44688480-88c5-41fa-af27-52ea512d96c7&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Requested by

Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

1c6f03747c03abe0a707678548df4a1f125b67d607e798350a99c51bf622cd63

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-/kjc/CJM5674urWYYgcS8GQI+I46mgo5EEgfe4YKyY9gotCHHoxXJg7uDV81GcdtZ6OtN6M+2umArwDtfRXkxg3J87BYN4if3bl86kCuOPxl2ED/aa/GYG28kHLUoAlJu6fPfDTCGTamU/LPJewO9huTFJbfRig2nSbJHToRwmU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: script-src 'strict-dynamic' 'nonce-/kjc/CJM5674urWYYgcS8GQI+I46mgo5EEgfe4YKyY9gotCHHoxXJg7uDV81GcdtZ6OtN6M+2umArwDtfRXkxg3J87BYN4if3bl86kCuOPxl2ED/aa/GYG28kHLUoAlJu6fPfDTCGTamU/LPJewO9huTFJbfRig2nSbJHToRwmU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type: text/html; charset=utf-8
date: Wed, 08 Oct 2025 19:58:33 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E96EC6214FD34F19BAFF83D78C23433D Ref B: AMS231032610035 Ref C: 2025-10-08T19:58:33Z

GET
H2 200 vf-v2.js Show response
cdn.viafoura.net/ 762 KB
210 KB 47ms
15ms Script
application/javascript 18.66.102.119
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.viafoura.net/vf-v2.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36f2e83e05dc91538b50481f72382e79ea3619d2182b52f66de20e35836cb449

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
x-amz-version-id: XMRcjc_QNHR8rcKiggCWM2I0HOJTu9gx
etag: W/"31e66e5405077db3793230941b1ea61e"
age: 166
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: p01M_KJXSy06ecmKD9qGYuTZdJlkx0o5iz29S906l-H-f5XmM5BMJw==
date: Wed, 08 Oct 2025 19:55:48 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 08 Oct 2025 16:50:23 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 308 KB
103 KB 81ms
46ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7c41f3f00c35eb1d199cf7b0631bf717dfa15000168a109bdafd91b959cd6a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
expires: Wed, 08 Oct 2025 19:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 08 Oct 2025 18:49:30 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 104955
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 21 KB
7 KB 14ms
14ms Script
text/javascript 18.244.18.27
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"3f6dea365716e8ba82711013483c4d83"
age: 61466
via: 1.1 3caf29bae8aa1020b6ba57a71bbb0880.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: WglAms00S6pwqOgFo10A-hMrqaqT0xNdE8qe7MlbEdLyTlVSVnDPaw==
date: Wed, 08 Oct 2025 02:54:08 GMT
content-type: text/javascript
last-modified: Mon, 08 Sep 2025 13:30:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET fullcontact.js
tags.fullcontact.com/anon/ 0
0

GET
H2 200 postmedia-sdk.js Show response
postmedia.solutions.cdn.optable.co/public-assets/ 29 KB
10 KB 44ms
10ms Script
text/javascript 34.8.155.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://postmedia.solutions.cdn.optable.co/public-assets/postmedia-sdk.js

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.8.155.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

66.155.8.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

60dd879e31b889327f700b93c47df1a633670a350b00cace6109baf5209fbc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=+zRiuw==, md5=s+N5kRYRDQdL1u9ekAtHhg==
etag: "b3e3799116110d074bd6ef5e900b4786"
age: 2900
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9464
date: Wed, 08 Oct 2025 19:10:13 GMT
last-modified: Tue, 12 Aug 2025 19:43:31 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AAwnv3Jl-aZ99x2u2_Qsq6cAIdKAJAi7J8MHeD2ABz9OeBXUgvGzIiZP3RHyJOXzueiJfP4l1hzitw
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=86400
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1755027811593952
content-length: 9464
server: UploadServer

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 386 KB
138 KB 35ms
10ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by: Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fb4a28eea55439eb3afb0b7ac5e35f547281b5c5e780fc37b0f7b349d96c2d55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: public, max-age=3600
content-encoding: gzip
x-timer: S1759953514.861916,VS0,VE2
age: 189
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-origin-name: fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache: HIT, HIT
content-length: 141127
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/javascript
x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-etou8220111-FRA
server: Kestrel
x-cache-hits: 22, 1
vary: Accept, Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
104 KB 70ms
40ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Requested by

Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v133.0/fem.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

697e6d4d627b1f12cac597c007f4e9f1354ffc4f0992ced01796ce0d05c55a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
expires: Wed, 08 Oct 2025 19:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 08 Oct 2025 18:49:30 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 106356
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 config Show response
ca.edge.optable.co/ 221 B
516 B 138ms
97ms Fetch
application/json 34.8.254.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ca.edge.optable.co/config?osdk=web-v0.37.1&sid=1y3VSy5pUg7fK2cd3w0dAw&t=postmedia&o=o-canada-com&cookies=no&passport=
Requested by: Host: postmedia.solutions.cdn.optable.co
URL: https://postmedia.solutions.cdn.optable.co/public-assets/postmedia-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.8.254.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.254.8.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f1c6f4b69a2c6ce6a3fa57699f7ca9ba864a994e2a29c072831a7a491c1dd09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json
Referer: https://o.canada.com/

Response headers

access-control-expose-headers: X-Optable-Visitor
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 87ms
52ms Preflight 151.101.130.133
FASTLY

General

Check archive.org

Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 2340
date: Wed, 08 Oct 2025 19:58:33 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 689
x-fastly-trace-id: 2806498021
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra-etou8220143-FRA
x-timer: S1759953514.965091,VS0,VE0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 362 KB
111 KB 43ms
42ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4f3018038e1ed364702d3fb624b07cbf8ce5fac250f3838978ecf931d2e3539b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
expires: Wed, 08 Oct 2025 19:58:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 08 Oct 2025 18:49:30 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 113369
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
357 B 124ms
122ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8f985c9849a5b66278cd2450bff5cdb41bfcf866d8414705c7e4fc1655743892

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: application/json

Response headers

access-control-expose-headers: X-MP-Max-Age
content-encoding: gzip
x-fastly-trace-id: 2806498908
x-cache: MISS
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-etou8220143-FRA
x-cache-hits: 0
vary: Accept-Encoding
x-mp-max-age: 86400
strict-transport-security: max-age=900
x-timer: S1759953514.018701,VS0,VE115
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
server: Kestrel

POST
H2 200 v2 Show response
api.viafoura.co/v2/o.canada.com/bootstrap/ 8 KB
3 KB 386ms
195ms XHR
application/json 54.156.183.251
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://api.viafoura.co/v2/o.canada.com/bootstrap/v2?session=false
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-183-251.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8b759f46d54254449f749593630da77222083f1194d7b15f09d329b8204fb4d1

Request headers

Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8

Response headers

access-control-max-age: 86400
cache-control: max-age=0
content-encoding: gzip
pragma: no-cache
x-instance-id: i-0a598caf98cfa5ade
access-control-allow-credentials: true
expires: Wed, 08 Oct 2025 19:58:34 GMT
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: nginx/1.18.0 (Ubuntu)

OPTIONS
H2 204 v2
api.viafoura.co/v2/o.canada.com/bootstrap/ Frame 0
0 388ms
182ms Preflight 54.156.183.251
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://api.viafoura.co/v2/o.canada.com/bootstrap/v2?session=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.183.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-183-251.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: OPTIONS, POST, REGEX_MATCH
access-control-allow-origin: https://o.canada.com
access-control-max-age: 86400
cache-control: max-age=0
date: Wed, 08 Oct 2025 19:58:34 GMT
expires: Wed, 08 Oct 2025 19:58:34 GMT
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
x-instance-id: i-0c7697af7009b725e

GET
H2 200 ms_auth_server_button.min.js Show response
edge-auth.microsoft.com/v0.5/js/ Frame DDFC 26 KB
27 KB 32ms
31ms Script
text/javascript 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js

Requested by

Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=44688480-88c5-41fa-af27-52ea512d96c7&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

30e04b0327c493e1908f631a846432f500e47426ecc0fdc22206eae547e63229

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-ICYIvd3VwHjwm0AdrznrJKF9d+vq8RZPyLihAJwXAhHuox2Mp7kIAAjPgzFFEU/Rkai9BsWuT3oLcTb2XoPCoHODuacT3n+eRmGXs/c5+2Ue4b/R+qn5nlybyYXS/oxlblyOUzcorFhFdk+CPvv68CZA2TDsCF8QdqhQAevMk0M=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=44688480-88c5-41fa-af27-52ea512d96c7&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Response headers

content-security-policy: script-src 'strict-dynamic' 'nonce-ICYIvd3VwHjwm0AdrznrJKF9d+vq8RZPyLihAJwXAhHuox2Mp7kIAAjPgzFFEU/Rkai9BsWuT3oLcTb2XoPCoHODuacT3n+eRmGXs/c5+2Ue4b/R+qn5nlybyYXS/oxlblyOUzcorFhFdk+CPvv68CZA2TDsCF8QdqhQAevMk0M=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: "1db3b81195e04e3"
x-msedge-ref: Ref A: 4EC30B287CD64FA2A8F2009C211C25E6 Ref B: AMS231032610035 Ref C: 2025-10-08T19:58:34Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 26851
date: Wed, 08 Oct 2025 19:58:33 GMT
content-type: text/javascript
last-modified: Wed, 20 Nov 2024 19:19:20 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
97 KB 37ms
36ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer&gtm=4e5a70

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

36427b43e0ef43d66ac63bc2b13d88562eeed0f27699a594f58b34d257990585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
expires: Wed, 08 Oct 2025 19:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 08 Oct 2025 18:49:30 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 98795
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 620 KB
132 KB 53ms
52ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=4e5a70

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0cfbf1ce10a6f7fce3f901c3718b3da4be2f2d4e73e8b72667d9cb61c7634ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
expires: Wed, 08 Oct 2025 19:58:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 08 Oct 2025 18:49:30 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 135449
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 metric
edge-auth.microsoft.com/ Frame DDFC 0
0 42ms
41ms Fetch 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://edge-auth.microsoft.com/metric

Requested by

Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-0vYiQ56856stban//bH2g/YLjuG+0sNJxh40Gxx1vHeZguCRIqgyvOzNsnP20e+gaF6ViJvyEU5loiApj2/gur3TwTqPXut0fLBEmhL41buMCEb9TQ5YFzSLdQjSSATnWxVuFT7XVlPLFMrN9pa29Q7V6HaSehVrma26W1SrJto=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=44688480-88c5-41fa-af27-52ea512d96c7&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Response headers

content-security-policy: script-src 'strict-dynamic' 'nonce-0vYiQ56856stban//bH2g/YLjuG+0sNJxh40Gxx1vHeZguCRIqgyvOzNsnP20e+gaF6ViJvyEU5loiApj2/gur3TwTqPXut0fLBEmhL41buMCEb9TQ5YFzSLdQjSSATnWxVuFT7XVlPLFMrN9pa29Q7V6HaSehVrma26W1SrJto=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT
x-msedge-ref: Ref A: 2B01C64305F04B6E816F6725B5B3A72B Ref B: AMS231032610035 Ref C: 2025-10-08T19:58:34Z

POST
H2 200 metric
edge-auth.microsoft.com/ Frame DDFC 0
0 94ms
93ms Fetch 13.107.6.158
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://edge-auth.microsoft.com/metric

Requested by

Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

bingforbusiness.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'strict-dynamic' 'nonce-I/sYEahszdvvPa8hy4TcAnLTQx4ac88yDBaRHL4l9IM6BWYYVzmL9k86Z3ObMKtDgrdoxMrHwEcGyDTBBBZ2CB8EqQP9umQd1H8ZFPdytTb0KJeA10wTVPMKyZG3cVdXPYq69leVFizWwJyKaSmVKJ+Z0fB05cKVvZux6zOAT0Q=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=44688480-88c5-41fa-af27-52ea512d96c7&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin

Response headers

content-security-policy: script-src 'strict-dynamic' 'nonce-I/sYEahszdvvPa8hy4TcAnLTQx4ac88yDBaRHL4l9IM6BWYYVzmL9k86Z3ObMKtDgrdoxMrHwEcGyDTBBBZ2CB8EqQP9umQd1H8ZFPdytTb0KJeA10wTVPMKyZG3cVdXPYq69leVFizWwJyKaSmVKJ+Z0fB05cKVvZux6zOAT0Q=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 08 Oct 2025 19:58:33 GMT
x-msedge-ref: Ref A: 9AF36868A8404BE98F6ACF6BD0CDBCF1 Ref B: AMS231032610035 Ref C: 2025-10-08T19:58:34Z

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 479 KB
158 KB 38ms
38ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SGKH0VJNRQ&l=dl_mparticle&cx=c&gtm=4e5a70

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

90d4607a170c139a8318191496743d8232bde1b02e36e0355c60ea1a3aa0680c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 08 Oct 2025 19:58:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161992
date: Wed, 08 Oct 2025 19:58:34 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 50ms
49ms Image
image/ 142.250.186.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202510020101&jk=4933375486815223&bg=!qaqlquXNAAbKu2g66rs7ADQBe5WfOCCo-UE4ASijbvMyD9MYi3dhlU0XUnYpRdjJNBmnF29kCAZp1-foLEl28G1lfnoaAgAAADxSAAAAAmgBB34AN4k51rqGVfX4kU2DGMgqDRnYOV92Fp5UC7BTeECViSqjA7TRqdl73ZzX2XVM6TtK20pGVJsU4yGZAk2x1WWqRU5z6-lOkMT1_3lyGNQyxJS7JkToj6EYV9TXU6F8A-N7SvC7tfXw8zg6XkvjXFV_OB2C7rspcIDPKHCgEAoqFXWBdguJLEZsxwfT9s9oro3hgHqYQIq-BjMsz_rX4G2U3kCY7KPHB2UWJeCY2FVkAHJQxq-LBDF8tCp5Vc7AmiF2Ux82QsxlQA72-qXrKAe_-9b0A1nMgeAzPszXoBkWdxQls-ZhfAN41R_iRmckMZjzhctgKgd6_NqW-kirkjIueHLky31HfAdDNFbBLK7ISNNs7ecb7yz4y6xdWGDcRKxB5mO-EVJhXBQvTiA0Zv7ASGE8S3tusBqYT-PA6dkL8rm48RmHjAwYCkuQOuH75zpaLw-y07SRfUcRqzMmyA19ABwssvnP3Vftxc93Fk2CRJ7VTlJOPHFtQsaU7VixtOISj0-__PQ6IVkSSmn1d8HR5pUJAxTdC414et6GRSREMRWtrmiCOheUmy4ytR_or2i5SQDGw2iiQ4_7lDKGmxVus4v_SRUv2-J8LYvmbLCORPFQ9FIO7jur5iXHFEHOM4xR8rC87i4YnOEEM2HchBBTNr55FdxsZR24MGFjekZ3sVwFqApzGni3nEJD2GVGwWxFlUBymIxDRvuHcndCNo-gN6SojOmZTDE0wCkW4Wea2qAedBvIMiQP3uEvmxrMxChSEtHKESpisaR7mTeF47NthYzhd8jGh-WiGKMNdaUQWcA256VtdjaLTWX0BaBkZ1qOJEjdD5nOZ3bAknOEo7wQ1xcqkb9LIrFh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 08 Oct 2025 19:58:34 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 69ms
27ms Script
application/javascript 151.101.8.157
FASTLY

General

Check archive.org

Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=4e5a70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.8.157 Brussels, Belgium, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 15ac7c79df675a4e07c8f59b54ed2d978cbebe6af18372265677cd46b95365fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "76a4a1b90eaf763f4a6ebf05f1de741a+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15822
date: Wed, 08 Oct 2025 19:58:34 GMT
x-tw-cdn: FT
last-modified: Sun, 07 Sep 2025 22:27:42 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000130-IAD, cache-bru1480055-BRU
x-amz-server-side-encryption: AES256

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 126 KB
36 KB 93ms
68ms Script
application/javascript 104.19.220.32
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by: Host: o.canada.com
URL: https://o.canada.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.220.32 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769f5a94f6cc059391b985943fcc35fa6ac81c897ae09b117018efc210b28338

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://o.canada.com
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
x-response-time: 14ms
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/javascript; charset=utf-8
x-served-by: haproxy07.cl13.ovh.mrf.io
vary: Accept-Encoding
last-modified: Wed, 08 Oct 2025 19:58:34 GMT
priority: u=1,i=?0
cache-control: max-age=1800
timing-allow-origin: *
x-envoy-upstream-service-time: 24
cf-ray: 98b836b7e84af551-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36732
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 322 KB
83 KB 18ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: o.canada.com
URL: https://o.canada.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

cf4012855810edd80ff5404202e855e5c57f735d55131472105b51987d81cd35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-XB0rCO0D' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-XB0rCO0D' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4963, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: /GDsdsY8RhyEFLy67DW1cbh/XdZlGWPf3t/v+fL/LPx2sCZ3KEAStBhwbCwzacRCXcU/NMeG2qs++UFhtpyqag==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
content-length: 85029
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 p.js Show response
cdn.parsely.com/keys/o.canada.com/ 60 KB
22 KB 41ms
10ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL: https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer&gtm=4e5a70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 93c2af8d901dda273d7d198e5df955d5487a60f0b97d37452667e2c326a54667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: max-age=300, must-revalidate
content-encoding: gzip
x-rq: hhn2
etag: W/"66e2e692-ef18"
pragma: public
expires: Wed, 08 Oct 2025 20:39:53 GMT
accept-ranges: bytes
x-cache: HIT
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/javascript
last-modified: Thu, 12 Sep 2024 13:03:14 GMT
server: nginx

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
242 B 127ms
125ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8f985c9849a5b66278cd2450bff5cdb41bfcf866d8414705c7e4fc1655743892

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-99b65fde89a1a145894d2d51d283cc83
Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: application/json

Response headers

access-control-expose-headers: X-MP-Max-Age
content-encoding: gzip
x-fastly-trace-id: 2806502153
x-cache: MISS
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-etou8220143-FRA
x-cache-hits: 0
vary: Accept-Encoding
x-mp-max-age: 86400
strict-transport-security: max-age=900
x-timer: S1759953514.222440,VS0,VE117
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
server: Kestrel

POST
H2 202 Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 0
0 103ms
53ms Fetch 151.101.2.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

x-timer: S1759953514.280075,VS0,VE8
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-length: 0
date: Wed, 08 Oct 2025 19:58:34 GMT
x-served-by: cache-fra-etou8220123-FRA
server: Kestrel
x-cache-hits: 0

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 23ms
22ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by: Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 3877a8858bdaaae2e85cd4606197b695b323ecde59215207070e1339b2404027

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://o.canada.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json
vary: Origin
server: Permutive

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 95ms
62ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SGKH0VJNRQ&gtm=45je5a70v9135149491z89134303430za200zb9134303430zd9134303430&_p=1759953513913&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&cid=1848883571.1759953514&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115616986~115834636~115834638&sid=1759953514&sct=1&seg=0&dl=https%3A%2F%2Fo.canada.com%2F&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.main_category=index&ep.metered_content=false&ep.ad_blocker_enabled=false&ep.browser=Chrome&ep.browser_language=en-US&ep.brand=canada.com&ep.device_type=desktop&ep.division=canada&ep.domain=o.canada.com&ep.fem_version=v133.0&ep.page_url=https%3A%2F%2Fo.canada.com%2F&ep.page_type=index&ep.platform=Cheetah&ep.platform_version=19.7.1&ep.user_status=anonymous&ep.view_type=HTML&up.mpid=8090842726922034430&tfd=2704
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SGKH0VJNRQ&l=dl_mparticle&cx=c&gtm=4e5a70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://o.canada.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 1685973801652415 Show response
connect.facebook.net/signals/config/ 127 KB
30 KB 205ms
205ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/1685973801652415?v=2.9.234&r=stable&domain=o.canada.com&hme=8cc7145f8d1f3cf4631177d0631077d9deb0ae3f644f21ab6cd23c0c201883ea&ex_m=88%2C149%2C129%2C19%2C123%2C62%2C42%2C124%2C69%2C61%2C136%2C77%2C13%2C87%2C27%2C118%2C109%2C67%2C70%2C117%2C133%2C96%2C138%2C7%2C3%2C4%2C6%2C5%2C2%2C78%2C86%2C139%2C215%2C161%2C56%2C220%2C217%2C218%2C49%2C176%2C26%2C66%2C224%2C223%2C164%2C29%2C55%2C8%2C58%2C82%2C83%2C84%2C89%2C113%2C28%2C25%2C116%2C112%2C111%2C130%2C68%2C132%2C131%2C44%2C114%2C54%2C106%2C12%2C135%2C39%2C205%2C207%2C171%2C22%2C23%2C24%2C16%2C17%2C38%2C34%2C36%2C35%2C73%2C79%2C81%2C94%2C122%2C125%2C40%2C95%2C20%2C18%2C100%2C63%2C32%2C127%2C126%2C128%2C119%2C21%2C31%2C53%2C93%2C134%2C64%2C15%2C30%2C186%2C157%2C266%2C203%2C147%2C189%2C182%2C91%2C115%2C72%2C104%2C48%2C41%2C102%2C103%2C108%2C52%2C14%2C110%2C101%2C59%2C43%2C97%2C47%2C50%2C46%2C85%2C137%2C0%2C107%2C11%2C105%2C9%2C1%2C51%2C80%2C57%2C60%2C99%2C76%2C75%2C45%2C120%2C74%2C71%2C65%2C98%2C90%2C37%2C121%2C33%2C92%2C10%2C140

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

bef35422fc711ef3d9d484894345ae90bf44cbd4027d06fd64c1091b5bd2d538

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-vNxxP93N' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-vNxxP93N' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=89, mss=1232, tbw=96040, tp=88, tpl=0, uplat=197, ullat=0
pragma: public
x-fb-debug: GbJAYbbpUjJ/CnfZSHn85hHVC8CRqJTO/k/2Dqe5Ji+GLhH6vsgt0ngEhZLyfHF200mlgG7138yF20tk3FLCPw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 139ms
32ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1759953514306&plid=b85cf59b-4cbc-4da6-96f7-29ab65e14a45&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2F&sref=&sts=1759953514305&slts=0&title=Canada.Com+%7C+Homepage+%7C+Canada.Com&date=Wed+Oct+08+2025+21%3A58%3A34+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=659db0c6-8d0b-4ec2-97d7-07355e8c2501&u=pid%3D4204c588-c356-4880-9002-2781845ebf91
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Wed, 08 Oct 2025 19:58:34 GMT
Content-Type: image/gif
Last-Modified: Wednesday, 08-Oct-2025 19:58:34 GMT
Server: nginx
Connection: keep-alive

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 89 B
1 KB 136ms
33ms Fetch
application/json 57.129.85.99
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.85.99 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy01.cl15.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://o.canada.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: br
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://o.canada.com
content-length: 84
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 39540dd2e35153f61c8a.js Show response
sdk.mrf.io/statics/ 81 KB
19 KB 34ms
34ms Script
application/javascript 104.19.220.32
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sdk.mrf.io/statics/39540dd2e35153f61c8a.js
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.220.32 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddced884e82d6ed9fdaf9f509a01baf4dc2d1963b3975240219c2e2ac0300de4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://o.canada.com
Referer: https://o.canada.com/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: HIT
etag: W/"f665821b94ae905fe97fd2519fb40673"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: F3a0hhs8ItCwswizz-7k5L_TOcXsbLUwWeIh8QgrlIL5lwDaPpPMxg==
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Mon, 06 Oct 2025 10:33:55 GMT
vary: accept-encoding
priority: u=1,i=?0
x-served-by: haproxy06.cl13.ovh.mrf.io
server-timing: cfExtPri
cache-control: max-age=3600
timing-allow-origin: *
x-envoy-upstream-service-time: 19
via: 1.1 1353d0f179fd5aec18d6a9162c7bacb0.cloudfront.net (CloudFront)
cf-ray: 98b836b889a0f551-FRA
access-control-allow-origin: *
x-amz-cf-pop: CDG54-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 adsct
t.co/1/i/ 43 B
496 B 243ms
219ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=527f8734-3e5f-4ad9-b351-1cba5c798c51&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4050eb02-2dac-4a8c-914b-330342f58561&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&tw_document_href=https%3A%2F%2Fo.canada.com%2F&tw_iframe_status=0&txn_id=o3990&type=javascript&version=2.3.34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=631138519; includeSubdomains
x-transaction-id: d85ef8a253408db6
cache-control: no-cache, no-store, max-age=0
origin-cf-ray: 98b836b8cbd43a86-FRA
x-connection-hash: 022ea29f4ac806efbcc978a9d6015d188215379b70aaa12453c8ec6e693f77a1
cf-cache-status: DYNAMIC
cf-ray: 98b836b8cbd43a86-FRA
x-response-time: 75
content-length: 43
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b
x-served-by: tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
833 B 153ms
124ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=527f8734-3e5f-4ad9-b351-1cba5c798c51&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4050eb02-2dac-4a8c-914b-330342f58561&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&tw_document_href=https%3A%2F%2Fo.canada.com%2F&tw_iframe_status=0&txn_id=o3990&type=javascript&version=2.3.34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=631138519; includeSubdomains
x-transaction-id: 1ffa1746dbaf77f3
cache-control: no-cache, no-store, max-age=0
origin-cf-ray: 98b836b8ca60ffed-ATL
x-connection-hash: ed84084048e843d3fb58ad5d40fb1d744336bf456cd5fd0fc332d5156ef2fb07
cf-cache-status: DYNAMIC
cf-ray: 98b836b8ca60ffed-FRA
x-response-time: 6
content-length: 43
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b
x-served-by: tsa_b

GET
H2 200 adsct
t.co/1/i/ 43 B
292 B 241ms
218ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=a3906476-f9a5-4238-8d60-8c5eac846de9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4050eb02-2dac-4a8c-914b-330342f58561&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&tw_document_href=https%3A%2F%2Fo.canada.com%2F&tw_iframe_status=0&txn_id=o3990&type=javascript&version=2.3.34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=631138519; includeSubdomains
x-transaction-id: 6b05eb857dcc11ea
cache-control: no-cache, no-store, max-age=0
origin-cf-ray: 98b836b8cbd63a86-FRA
x-connection-hash: b95829c0e8e4501997a9064f0693b1d171653e70cf3f5174c94c057527aa226c
cf-cache-status: DYNAMIC
cf-ray: 98b836b8cbd63a86-FRA
x-response-time: 77
content-length: 43
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b
x-served-by: tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
628 B 202ms
173ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2632%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=a3906476-f9a5-4238-8d60-8c5eac846de9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4050eb02-2dac-4a8c-914b-330342f58561&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&tw_document_href=https%3A%2F%2Fo.canada.com%2F&tw_iframe_status=0&txn_id=o3990&type=javascript&version=2.3.34

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=631138519; includeSubdomains
x-transaction-id: cd1734d26db0cd7c
cache-control: no-cache, no-store, max-age=0
origin-cf-ray: 98b836b8ca66ffed-ATL
x-connection-hash: ba6497b7c5c3f927598a5bec46f4cd2c985b9391401be8a9dc3fe79fc219e58f
cf-cache-status: DYNAMIC
cf-ray: 98b836b8ca66ffed-FRA
x-response-time: 6
content-length: 43
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b
x-served-by: tsa_b

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 41 B
147 B 14ms
13ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b9a38d65df46c3a4789f1e3b555770e4f490b70203aff21cc1a383aa33d133d3

Request headers

Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept: text/plain;charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

content-encoding: gzip
x-timer: S1759953514.400640,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json
x-served-by: cache-fra-etou8220123-FRA
server: Kestrel
x-cache-hits: 0
vary: Accept-Encoding

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
453 B 110ms
108ms Fetch
application/json 57.129.85.99
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.85.99 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy01.cl15.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://o.canada.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: br
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://o.canada.com
content-length: 30
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 /
www.facebook.com/privacy_sandbox/topics/registration/ 67 B
0 238ms
220ms Fetch
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/privacy_sandbox/topics/registration/?id=1685973801652415

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1685973801652415?v=2.9.234&r=stable&domain=o.canada.com&hme=8cc7145f8d1f3cf4631177d0631077d9deb0ae3f644f21ab6cd23c0c201883ea&ex_m=88%2C149%2C129%2C19%2C123%2C62%2C42%2C124%2C69%2C61%2C136%2C77%2C13%2C87%2C27%2C118%2C109%2C67%2C70%2C117%2C133%2C96%2C138%2C7%2C3%2C4%2C6%2C5%2C2%2C78%2C86%2C139%2C215%2C161%2C56%2C220%2C217%2C218%2C49%2C176%2C26%2C66%2C224%2C223%2C164%2C29%2C55%2C8%2C58%2C82%2C83%2C84%2C89%2C113%2C28%2C25%2C116%2C112%2C111%2C130%2C68%2C132%2C131%2C44%2C114%2C54%2C106%2C12%2C135%2C39%2C205%2C207%2C171%2C22%2C23%2C24%2C16%2C17%2C38%2C34%2C36%2C35%2C73%2C79%2C81%2C94%2C122%2C125%2C40%2C95%2C20%2C18%2C100%2C63%2C32%2C127%2C126%2C128%2C119%2C21%2C31%2C53%2C93%2C134%2C64%2C15%2C30%2C186%2C157%2C266%2C203%2C147%2C189%2C182%2C91%2C115%2C72%2C104%2C48%2C41%2C102%2C103%2C108%2C52%2C14%2C110%2C101%2C59%2C43%2C97%2C47%2C50%2C46%2C85%2C137%2C0%2C107%2C11%2C105%2C9%2C1%2C51%2C80%2C57%2C60%2C99%2C76%2C75%2C45%2C120%2C74%2C71%2C65%2C98%2C90%2C37%2C121%2C33%2C92%2C10%2C140

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-6l9ZyTLY' blob: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

access-control-expose-headers: X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7558942786477835748&cpp=C3&cv=1028148389&st=1759953514713"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
observe-browsing-topics: ?1
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods: OPTIONS
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: image/png
vary: Origin, Accept-Encoding
x-fb-debug: RMuSjoudFgCbjm+e8MZGPtEVfIFR8WnGD1eSjWbX6MnVatF38Fg2XUJrS5fSRtob2PcbX6ryD05Xdx7Yix2zhg==
priority: u=1,i
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7558942786477835748&cpp=C3&cv=1028148389&st=1759953514713", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-6l9ZyTLY' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=4991, tp=10, tpl=0, uplat=210, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 26ms
9ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2F&rl=&if=false&ts=1759953514535&sw=1600&sh=1200&v=2.9.234&r=stable&ec=0&o=4126&fbp=fb.1.1759953514527.463821477910510744&cs_est=true&ler=empty&cdl=API_unavailable&pmd[title]=%0A%20%20%20%20Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com%0A&pmd[description]=%0A%20%20%20%20Read%20latest%20breaking%20news%2C%20updates%2C%20and%20headlines.%20Canada.com%20offers%20information%20on%20latest%20national%20and%20international%20events%20%26%20more.%0A&pmd[contents]=%5B%7B%22name%22%3A%22Canada.Com%22%7D%5D&plt=714.7999954223633&it=1759953514300&coo=false&expv2[0]=pl1&expv2[1]=el2&expv2[2]=bc1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4735, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
199 B 181ms
163ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2F&rl=&if=false&ts=1759953514535&sw=1600&sh=1200&v=2.9.234&r=stable&ec=0&o=4126&fbp=fb.1.1759953514527.463821477910510744&cs_est=true&ler=empty&cdl=API_unavailable&pmd[title]=%0A%20%20%20%20Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com%0A&pmd[description]=%0A%20%20%20%20Read%20latest%20breaking%20news%2C%20updates%2C%20and%20headlines.%20Canada.com%20offers%20information%20on%20latest%20national%20and%20international%20events%20%26%20more.%0A&pmd[contents]=%5B%7B%22name%22%3A%22Canada.Com%22%7D%5D&plt=714.7999954223633&it=1759953514300&coo=false&expv2[0]=pl1&expv2[1]=el2&expv2[2]=bc1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 127.0.0.1: 'nonce-i0jONTax' blob: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;child-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net accounts.meta.com .accounts.meta.com https://trustly.one/ https://.trustly.one/ https://paywithmybank.com/ https://.paywithmybank.com/;manifest-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;object-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7558942786382712061&cpp=C3&cv=1028148389&st=1759953514623"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[],"aggregatable_values":{},"aggregatable_source_registration_time":"exclude","filters":{"3":["1248673751829361"]},"debug_reporting":true,"debug_key":"879255475159269709"}
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: bFnBl2XfiDyVXejUraEI3TTGwPLuxd9MfeKZM8ysPp4SmsOtujKfkmgLO17NXvdupPw2TsgLV8ws+51F7e0ZIg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7558942786382712061&cpp=C3&cv=1028148389&st=1759953514623", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-i0jONTax' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5375, tp=13, tpl=0, uplat=156, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
126 B 114ms
61ms Fetch 18.194.3.175
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.3.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-3-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

date: Wed, 08 Oct 2025 19:58:34 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *

GET
H2 200 4511.b0a9d93713bedef4e969.js Show response
cdn.viafoura.net/chunks/ 40 KB
12 KB 10ms
9ms Script
application/javascript 18.66.102.119
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.viafoura.net/chunks/4511.b0a9d93713bedef4e969.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adbb267a810797e8a2fd7dae84caf1a3b9692a7fb9b3039126a13fb7ae9ebd29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
x-amz-version-id: LBFCuhtUIbMcBoJzo4axHPU40YCFSNUr
etag: W/"ca48d6da345a8f4629528a460737ba70"
age: 11276
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: kErTaezo6U274iezF_TwcF1hjZmbuJXnpFwO_anAm0wzrTK1YfV-gg==
date: Wed, 08 Oct 2025 16:50:39 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 08 Oct 2025 16:50:13 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 7273.b77d621be7ffa9ab92da.js Show response
cdn.viafoura.net/chunks/ 19 KB
5 KB 13ms
13ms Script
application/javascript 18.66.102.119
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.viafoura.net/chunks/7273.b77d621be7ffa9ab92da.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fd9a82e4ae36ffd6226dd5f423898db4066d35b3ceaedb4551f94515a89d53b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
x-amz-version-id: 21JDRvoqvGCFuK7qqy9WK2sGXjLad1pr
etag: W/"e07e62931851c79beab0ae0534f31105"
age: 11276
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gviEAqMrhtFzMJkrllaOYrUKNcSUVxRjSzUJgmB0db9bEVNfRGKf8Q==
date: Wed, 08 Oct 2025 16:50:39 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 08 Oct 2025 16:50:05 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 LoginRadiusV2.js Show response
auth.lrcontent.com/v2/ 245 KB
56 KB 21ms
21ms Script
text/javascript 104.18.5.235
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://auth.lrcontent.com/v2/LoginRadiusV2.js

Requested by

Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.235 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0757d71db4878b3901dadb04fc5cfc53b8e991ef868751795a048b17ea5164

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: Uq6zoHYCLczbTmiiDNACiktelk6QK1KZ
etag: W/"8b21ac44d5cc654e0e799a9870a9f65e"
age: 3090
expires: Wed, 08 Oct 2025 23:58:34 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: _4GO-hUen5BNvg-g7txFolodnzxilc_ohMmx0UG0N83ILXB3DX63aQ==
date: Wed, 08 Oct 2025 19:58:34 GMT
content-type: text/javascript
last-modified: Tue, 16 Sep 2025 07:43:41 GMT
vary: Origin, Accept-Encoding
strict-transport-security: max-age= 63072000; includeSubdomains; preload
cache-control: public, max-age=14400
via: 1.1 5dbbe1c6db9a003131a63be8ded250a4.cloudfront.net (CloudFront)
cf-ray: 98b836bb98f74dbb-FRA
x-amz-cf-pop: FRA56-P8
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 ingest
i.viafoura.co/v3/o.canada.com/ 67 B
264 B 419ms
177ms Ping
image/png 34.204.142.167
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://i.viafoura.co/v3/o.canada.com/ingest
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.142.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-142-167.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://o.canada.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://o.canada.com
cache-control: no-cache, no-store, must-revalidate
content-length: 67
date: Wed, 08 Oct 2025 19:58:35 GMT
content-type: image/png
access-control-allow-credentials: true

GET
H3 200 9026.109afe91ac0b744c44e7.js Show response
cdn.viafoura.net/chunks/ 6 KB
3 KB 10ms
10ms Script
application/javascript 18.66.102.119
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.viafoura.net/chunks/9026.109afe91ac0b744c44e7.js
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.102.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d55b032e42097a7cc3766e9edc12d34421ab38e60afadbb45dfc4a03a27f835d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

content-encoding: br
x-amz-version-id: 1VMub2TlKo3rIygmyps1mbd8.kA00LYl
age: 11273
etag: W/"91b27830ae9bb78b49395467cc3e93b0"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: RW5g2LBxWe41mVc17wU47lA-yA4SpSkcAPLVBaiN72QpQLtD_fq0FA==
date: Wed, 08 Oct 2025 16:50:42 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 08 Oct 2025 16:50:10 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=31536000
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 appInfo
config.lrcontent.com/ciam/ Frame 0
0 110ms
80ms Preflight 104.18.4.235
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.235 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://o.canada.com
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 98b836bc5b17dc59-FRA
date: Wed, 08 Oct 2025 19:58:35 GMT
server: cloudflare
vary: Origin

GET
H2 200 appInfo Show response
config.lrcontent.com/ciam/ 5 KB
2 KB 31ms
31ms XHR
application/json 104.18.4.235
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by: Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.235 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8835c0349b6a217df385f575034c6a1145a4f1d23424eaee6f55113847ca98d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/
X-Requested-With: XMLHttpRequest

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
cf-ray: 98b836bcdbb4dc59-FRA
access-control-allow-origin: https://o.canada.com
date: Wed, 08 Oct 2025 19:58:35 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H/1.1 200
OK login Show response
postmedia.hub.loginradius.com/ssologin/ 38 B
755 B 59ms
58ms XHR
application/json 54.246.81.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/
X-Requested-With: XMLHttpRequest

Response headers

Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Expires: -1
Requestid: 6e9c485d-c6ab-4589-9fd8-e415516c35bb
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Wed, 08 Oct 2025 19:58:35 GMT
Appname: postmedia
Content-Type: application/json
X-Server: ms_idx_primary
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache
X-LoginRadius-Server: EU-West, Primary - IDX - AWS
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://o.canada.com
Content-Length: 38
Server: nginx

OPTIONS
H/1.1 204
No Content login
postmedia.hub.loginradius.com/ssologin/ Frame 0
0 62ms
62ms Preflight 54.246.81.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://postmedia.hub.loginradius.com/ssologin/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.246.81.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-81-101.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin: https://o.canada.com
Appname: postmedia
Cache-Control: no-cache
Connection: keep-alive
Date: Wed, 08 Oct 2025 19:58:35 GMT
Expires: -1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Requestid: cca88387-3e26-41bd-ad6d-ffdabe25436c
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server: EU-West Primary - IDX - AWS
X-Server: ms_idx_primary

GET
H/1.1 200
OK 14359 Show response
check.analytics.rlcdn.com/check/ 25 B
637 B 105ms
63ms Fetch
application/json 13.226.244.44
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://check.analytics.rlcdn.com/check/14359
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.244.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-244-44.fra56.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://o.canada.com/

Response headers

x-amz-apigw-id: SHXQ0F-5DoEEMeQ=
Age: 48333
Connection: keep-alive
X-Amzn-Trace-Id: Root=1-68e6059e-5017911f681a60352e3aa19b
x-amzn-RequestId: 32a77e69-78cc-4c4b-b6a6-9967ce2c4665
Via: 1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront), 1.1 2d148e8afd5950255ce014a0e33236f4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Content-Length: 25
X-Amz-Cf-Id: zWalYln5JXq7lYM5_kxRMDesoamOBfItBqO02Xb2fB6C40eJY0XZOg==
Date: Wed, 08 Oct 2025 06:33:02 GMT
Content-Type: application/json
X-Amz-Cf-Pop: FRA56-P8, FRA56-P14

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 32ms
16ms Script
text/javascript 142.250.186.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

ESF /

Resource Hash

bbfacf06f08c9832af6a807c24372c43ec1df4577c397f19db169a960b98f609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 19:58:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 08 Oct 2025 19:58:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/ 805 KB
345 KB 43ms
10ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

6533096fb1f5295c91e36a297b725192d68bb77401c97edd2c994f2dc72f6e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin: https://o.canada.com
Referer: https://o.canada.com/

Response headers

content-encoding: gzip
age: 181810
report-to: {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]}
x-content-type-options: nosniff
expires: Tue, 06 Oct 2026 17:28:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Oct 2025 17:28:26 GMT
last-modified: Mon, 06 Oct 2025 04:00:11 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs
accept-ranges: bytes
access-control-allow-origin: *
content-length: 352906
x-xss-protection: 0
server: sffe

GET
H2 200 pd Show response
postmedia-d.openx.net/w/1.0/ Frame 142F 199 B
424 B 103ms
63ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://postmedia-d.openx.net/w/1.0/pd
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 199
content-type: text/html
date: Wed, 08 Oct 2025 19:58:36 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 149.88.24.195

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 34B0 3 KB
2 KB 44ms
14ms Document
text/html 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

age: 131
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 98b836c58b33dbd0-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 08 Oct 2025 19:58:36 GMT
expires: Wed, 08 Oct 2025 23:58:36 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: accept-encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9BA8 52 KB
17 KB 45ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 31894
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 08 Oct 2025 19:58:36 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 10 Sep 2025 11:06:06 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.24.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2476222, 159933
X-Served-By: cache-lga21982-LGA, cache-fra-etou8220156-FRA
X-Timer: S1759953516.414739,VS0,VE0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9C2D 15 KB
6 KB 60ms
28ms Document
text/html 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=o.canada.com&gpp=

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0d7ab370797250292fee38f5d45a82b4ce7e75eae410309999c6b387cb07064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Oct 2025 19:58:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 266572
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 75F5 21 KB
7 KB 53ms
8ms Document
text/html 95.100.185.43
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.185.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-185-43.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer: https://o.canada.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=131482
content-encoding: gzip
content-length: 7259
content-type: text/html
date: Wed, 08 Oct 2025 19:58:36 GMT
expires: Fri, 10 Oct 2025 08:29:58 GMT
last-modified: Mon, 29 Sep 2025 15:12:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9BA8 0
483 B 104ms
63ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 149.88.24.195; 149.88.24.195; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 3f9a184e-8c3e-40c1-b156-5fda24cae79e
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 08 Oct 2025 19:58:36 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.25.5

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 958B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

26ms
26ms

Document
text/html

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755ac822d7d0ece7e63e7a82024d18dccedaa385d126ebc06dac238f8c1c1c39

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 98b836c6098b37f7-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 Oct 2025 19:58:36 GMT
expires: 0
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8xKSAmGp8MzgXAV%2F9Jk%2BeYEl6C78%2FG02rUX4WznA8AIRGktV7IZ6pb%2BLMJI17xeif8VnROWBYezqM%2Fn%2FiOSYGdRk3zZH%2FscmHwaV2ACC%2Fa9UEbmdAKt7"}]}
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 98b836c5d96e37f7-FRA
content-length: 0
date: Wed, 08 Oct 2025 19:58:36 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
priority: u=0,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ej%2FB6XxpDqYizCIyqtpHB2M3Ng86fEDUtkN%2Bw43OJxP6m4gFDLa54hdyY7%2Fgu23%2FLOOBlJbv%2BtVwe7PouGB2L7DCsx37z0%2FbVeyJccWBTbPskVzmDSfI"}]}
server: cloudflare
server-timing: cfExtPri
vary: accept-encoding

GET
H2 200 geo Show response
ut.pubmatic.com/ Frame 75F5 29 B
137 B 134ms
75ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL

https://ut.pubmatic.com/geo?pubid=160305

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

Resource Hash

1e391c14a998585555b87a4d8c284553fb6153f7e135fc04aa567f382c61e6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
access-control-allow-origin: *
cache-control: max-age=172800
content-length: 29
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 9C2D 2 KB
1 KB 45ms
45ms Fetch
application/json 178.250.1.12
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=o.canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&topicsavail=1&fledgeavail=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=o.canada.com&gpp=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.12 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

85ef8fb5bfb8a12eb4a591522c98cea68a3994c56af2d09dae41adceaee354bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=o.canada.com&gpp=

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
server-processing-duration-in-ticks: 1505984
expires: 0
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://x.bidswitch.net/sync?ssp=criteo&custom_data=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-UqVjaCwG...
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-Uq...
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-lYOXiiwGF1CC1p49PNmhNTlJDn2Zn0Bcy7rPaQ&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/match?p=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&u=23098e56-89ce-4c17-9ce0-6446f79abb32

0
141 B

16ms
16ms

Image
text/plain

178.250.1.57
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&u=23098e56-89ce-4c17-9ce0-6446f79abb32

Protocol

Server

178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Wed, 08 Oct 2025 19:58:35 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //ssp-sync.criteo.com/user-sync/match?p=RnQ_fF9pU0dua3JRQnQlMkIxVUJVSVFKQW1FRnBLWiUyRnNpdiUyQjV1N3ZjZk1BVFJ0ZkNvJTNE&u=23098e56-89ce-4c17-9ce0-6446f79abb32
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:58:36 GMT

GET getuid
secure.adnxs.com/ 0
0

GET
H2

204

match
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-UqVjaCwGF1CC1p49PNmhNTlJDn2v7PajwgqmqA&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3...
https://ssp-sync.criteo.com/user-sync/match?p=TjOwCl85aUElMkZxQ0wlMkJ0WFlBcnA1WjJvbEhkZG1vYlkzbTdEZGNPN3RUNTRZeTgwOCUzRA&u=CAESEN1H4Lw7HOvhQwlFfNOg7JY&gdpr=0&gdpr_consent=&google_cver=1

0
142 B

76ms
21ms

Image
text/plain

178.250.1.57
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/match?p=TjOwCl85aUElMkZxQ0wlMkJ0WFlBcnA1WjJvbEhkZG1vYlkzbTdEZGNPN3RUNTRZeTgwOCUzRA&u=CAESEN1H4Lw7HOvhQwlFfNOg7JY&gdpr=0&gdpr_consent=&google_cver=1

Protocol

Server

178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
date: Wed, 08 Oct 2025 19:58:36 GMT
cross-origin-resource-policy: cross-origin
server: Kestrel

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ssp-sync.criteo.com/user-sync/match?p=TjOwCl85aUElMkZxQ0wlMkJ0WFlBcnA1WjJvbEhkZG1vYlkzbTdEZGNPN3RUNTRZeTgwOCUzRA&u=CAESEN1H4Lw7HOvhQwlFfNOg7JY&gdpr=0&gdpr_consent=&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 398
date: Wed, 08 Oct 2025 19:58:36 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

bidder-initiated
ssp-sync.criteo.com/user-sync/
Redirect Chain

https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent=
https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=8695803734065763831

0
144 B

35ms
34ms

Image
text/plain

178.250.1.57
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to Show image

Full URL

https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=8695803734065763831

Protocol

Server

178.250.1.57 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://o.canada.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
content-length: 0
date: Wed, 08 Oct 2025 19:58:35 GMT
server: Kestrel
cross-origin-resource-policy: cross-origin

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=8695803734065763831
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Wed, 08 Oct 2025 19:58:35 GMT

GET e805be652c9053b8f771665f0ac3c361.gif
cs.admanmedia.com/ 0
0

GET
H/1.1

200

dcm
s.amazon-adsystem.com/ Frame 958B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gpp=&gpp_sid=&dcc=t

43 B
853 B

146ms
145ms

Image
image/gif

98.82.156.107
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-156-107.compute-1.amazonaws.com

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: Q2JKXAN70FVYGGZK48RF
Content-Length: 43
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Wed, 08 Oct 2025 19:58:37 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

Redirect headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gpp=&gpp_sid=&dcc=t
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: VEZA4RT9ENTG527XY34G
Content-Length: 0
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Wed, 08 Oct 2025 19:58:36 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 958B 70 B
149 B 112ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

content-length: 70
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: image/gif
server: Kestrel

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 958B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aObCbLmqPEEADitDAacRjQAA

170 B
232 B

57ms
56ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aObCbLmqPEEADitDAacRjQAA

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 08 Oct 2025 19:58:36 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CzHw8hEgjULMGHuKCBGBPIQuq0eIsxHQFSaww7wGo5fTPxN0FDvopq12kQpvA2kFvfatVYCQQerjH8SORjmZWRGO9l2paYvxxkC3dM9TFA9CLIEcWegu"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 08 Oct 2025 19:58:36 GMT
vary: accept-encoding
priority: u=3,i
cache-control: no-cache
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aObCbLmqPEEADitDAacRjQAA
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98b836c639b637f7-FRA
content-length: 0
server: cloudflare

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 958B 170 B
409 B 90ms
62ms Image
image/png 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aObCbLmqPEEADitDAacRjQAABG4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 08 Oct 2025 19:58:36 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 958B
Redirect Chain

https://s.c.appier.net/index?userId=aObCbLmqPEEADitDAacRjQAA%261134&gdpr=&us_privacy=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=j2fUb_fyCTqObM9HbcLmaA&gdpr=1

43 B
717 B

24ms
24ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=j2fUb_fyCTqObM9HbcLmaA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VJ9zRuZE9ZAEuqBOAhPm8hQLo8ZvnrYx2X4cElhW47wDBU4Ufgq%2FjurF%2FLDJVZ5x6zEYD9Eop7IWyGlbxAxcU%2BR7MuVkepO9N5F1FkZwhNEvqA6Rsu4V"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 08 Oct 2025 19:58:37 GMT
content-type: image/gif
vary: accept-encoding
priority: u=3,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98b836cb8e3037f7-FRA
content-length: 43
server: cloudflare

Redirect headers

Cache-Control: no-store
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=203&external_user_id=j2fUb_fyCTqObM9HbcLmaA&gdpr=1
Accept-Ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Length: 0
P3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Wed, 08 Oct 2025 19:58:37 GMT
Server: nginx

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 958B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662113339284364

43 B
714 B

25ms
25ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662113339284364
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cH4iZQrt3nPT4SRrousRUduL6kDKp6W318K5eEe4WLT2jksZ6c9hmmiqJrXMf3BIPmPCPYaP%2BKzUaNJ3%2F0Ibl07dtfRkPBSrN3aF4k%2FtP9c7NknMnxTu"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: image/gif
vary: accept-encoding
priority: u=3,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98b836c88be137f7-FRA
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, private
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662113339284364
cf-cache-status: DYNAMIC
pragma: no-cache
x-function: 209
cf-ray: 98b836c77ea18fee-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
x-reuse-index: 335
p3p: CP="NOI DEVo TAIa OUR BUS"
server-timing: cfExtPri
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: text/html
server: cloudflare
priority: u=3,i

GET
H2 200 aObCbLmqPEEADitDAacRjQAABG4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 958B 43 B
343 B 164ms
80ms Image
image/gif 54.171.96.116
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/aObCbLmqPEEADitDAacRjQAABG4AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.96.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-96-116.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
age: 0
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: image/gif
server: ATS
x-frame-options: DENY

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 958B
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433839956464277

43 B
713 B

23ms
22ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433839956464277
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=uViarhinhdgsX0SSpaw4dNVK2CfL6zJFUjCO%2BIxAbksylkAY43TpMmzHo8KCkWPBGTQnhc2BfRKTCngPnmv5XEH3IvtVxXOTsO2nklLvyVqVTWIcy4Ay"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: image/gif
vary: accept-encoding
priority: u=3,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98b836c6aa1e37f7-FRA
content-length: 43
server: cloudflare

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433839956464277
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Wed, 08 Oct 2025 19:58:36 GMT
Server: Jetty(9.4.51.v20230217)

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 958B 43 B
215 B 20ms
13ms Image
image/gif 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?aObCbLmqPEEADitDAacRjQAA%261134
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

cache-control: public, max-age=86400
cf-cache-status: HIT
etag: "2b-546dc3a097100"
age: 60896
cf-ray: 98b836c64c92dbd0-FRA
expires: Thu, 09 Oct 2025 19:58:36 GMT
accept-ranges: bytes
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 08 Oct 2025 19:58:36 GMT
edge-control: cache-maxage=1h
content-type: image/gif
vary: accept-encoding
server: cloudflare
last-modified: Tue, 24 Jan 2017 19:36:04 GMT

GET
H2 200 geo Show response
ut.pubmatic.com/ Frame 75F5 29 B
0 36ms
36ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://ut.pubmatic.com/geo?pubid=160305
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1e391c14a998585555b87a4d8c284553fb6153f7e135fc04aa567f382c61e6e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=172800
content-length: 29
date: Wed, 08 Oct 2025 19:58:36 GMT
content-type: application/json

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 740ms
380ms Preflight 54.203.221.146
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.203.221.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-221-146.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://o.canada.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Wed, 08 Oct 2025 19:58:37 GMT
x-amz-apigw-id: SJNRMFfPvHcEfRg=
x-amzn-requestid: 5360a356-2421-4a1d-9107-ece8c03478c2

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
375 B 337ms
336ms Fetch
application/json 54.203.221.146
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.203.221.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-221-146.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7f2fa16190b3c846137e18fe7c6eafb6f45c2775d165271dd7297b631069d6a9

Request headers

Referer: https://o.canada.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca

Response headers

x-amz-apigw-id: SJNRPGObvHcEGug=
x-amzn-trace-id: Root=1-68e6c26d-3f1b6aa8108b37f43f29e96f
access-control-allow-methods: *
x-amzn-requestid: 7cd7b24a-f625-4ea9-aa6f-8f41c77138b1
access-control-allow-origin: *
content-length: 146
date: Wed, 08 Oct 2025 19:58:37 GMT
content-type: application/json

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9BA8 0
482 B 19ms
19ms Script
text/html 185.89.210.46
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.25.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://acdn.adnxs.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 149.88.24.195; 149.88.24.195; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: b8b0d189-3b71-45c4-a7a3-d0439c82ab62
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 08 Oct 2025 19:58:37 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.25.5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.intentiq.com
URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1589173297&pt=17&dpn=1&jsver=6.122&iiqidtype=2&iiqpcid=6bfbfc72-aa8d-523f-e563-ee61fc06e9f6&iiqpciddate=1759953512288&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=882_1759953512290&cttl=0&gdpr=0&requestRtt=0&lastDataUpdateDate=0&testGroup=U&japbjs=true&japs=false&vrref=https%3A%2F%2Fo.canada.com%2F

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1589173297&iiqidtype=2&iiqpcid=6bfbfc72-aa8d-523f-e563-ee61fc06e9f6&iiqpciddate=1759953512288&tsrnd=229_1759953512296&jsver=6.122&cz=0%3A1200%2C1%3A1600%2C2%3A1%2C3%3A1200%2C4%3A1600%2C5%3Ade-DE&dw=1600&dh=1200&dpr=1&lan=de-DE&testPercentage=-1&testGroup=U&uh=%7B%220%22%3A%22%22%2C%221%22%3A%22%3F0%22%2C%227%22%3A%22%3F0%22%2C%228%22%3A%22%22%7D&vrref=https%3A%2F%2Fo.canada.com%2F&gpc=undefined&gdpr=0

Domain: pb-ing-postmedia.ccgateway.net
URL: https://pb-ing-postmedia.ccgateway.net/ping/v1.0/parent/d3510145d6/engagement/trigger/page_load

Domain: o.canada.com
URL: blob:https://o.canada.com/49180bf2-828b-4b06-b589-a8b434b6ddef

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuidj?gdpr=0

Domain: pb-ing-postmedia.ccgateway.net
URL: https://pb-ing-postmedia.ccgateway.net/ping/v1.0/realtime/d3510145d6?profile_id=517a5d6f-e6da-48a1-94fc-7f86e7d3aade&url=https%253A%252F%252Fo.canada.com%252F&eid=pubcid.org%3Ab1dce364-1587-4c78-ade7-8e4b4b1fee45&context=true&contextLimit=1000&audience=true&audienceLimit=1000&deal_ids=true&custom_taxonomy=true&customTaxonomyLimit=1000

Domain: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d32fEYV9wMzJ3blE5TjdkZE1GVDZTa2Q2bGhpcUE5UVdBUUpYNlNGOTUyaGRNaDg0JTNE%26u%3d%24UID&gdpr=0&gdpr_consent=

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/e805be652c9053b8f771665f0ac3c361.gif?puid=k-UqVjaCwGF1CC1p49PNmhNTlJDn2v7PajwgqmqA&redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dM3LQ719NU3plOWxFTEtERzByNmZNVzF5MExLSmhzQmlrSnhGZmhaZ3dZcUtUM1E0JTNE%26u%3d%24%7bUSER_ID%7d&gdpr=0&gdpr_consent=&ccpa=

Verdicts & Comments Add Verdict or Comment

270 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

65 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.canada.com/	1970-01-21 09:35:45	Name: pbjs_sharedId Value: b1dce364-1587-4c78-ade7-8e4b4b1fee45
.canada.com/	1970-01-21 09:35:45	Name: pbjs_sharedId_cst Value: zix7LPQsHA%3D%3D
o.canada.com/	1970-01-21 08:52:37	Name: _lr_retry_request Value: true
o.canada.com/	1970-01-21 09:35:45	Name: _lr_env_src_ats Value: false
o.canada.com/	1970-01-21 09:02:38	Name: political-ad-opt-out Value: {"data":false,"exp":604800000,"ts":1759953512268,"mac":-1197394356}
o.canada.com/	1969-12-31 23:59:59	Name: _iiq_fdata Value: %7B%22pcid%22%3A%226bfbfc72-aa8d-523f-e563-ee61fc06e9f6%22%2C%22pcidDate%22%3A1759953512288%2C%22gdprString%22%3A%22%22%2C%22gppString%22%3A%22%22%2C%22uspString%22%3A%22%22%7D
o.canada.com/	1970-01-21 17:38:09	Name: flipp-uid Value: 5bddd09a-d327-431f-8be7-45ad9a60e48f
.canada.com/	1970-01-21 18:14:09	Name: _scor_uid Value: 08954ae1ec634b0c9a0eb5a11b1456b7
.id5-sync.com/	1970-01-21 11:02:09	Name: id5 Value: 9353bf20-a433-733f-8934-f493bc4eac26#1759953512301#1
o.canada.com/	1970-01-21 11:00:46	Name: ccuid Value: 517a5d6f-e6da-48a1-94fc-7f86e7d3aade
o.canada.com/	1970-01-21 08:52:41	Name: ccsid Value: 7137bab6-c587-483b-bc3b-b9885db4eaf3
.canada.com/	1970-01-21 13:14:38	Name: permutive-id Value: 8e604233-a541-4b22-bb64-72f95a01ecb7
o.canada.com/	1970-01-21 08:52:33	Name: __adblocker Value: false
o.canada.com/	1970-01-21 08:52:35	Name: sailthru_pageviews Value: 1
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/	1970-01-21 11:05:02	Name: pxid Value: 4163cf1d-b281-4ce5-b238-83fd2b15082a
.doubleclick.net/	1970-01-21 18:14:09	Name: IDE Value: AHWqTUkn8VFD4PrcXFEWMBxWkzwzz4PtstH8MnEdWG5ILEubFegRxawk_poY6F2wwdY
.p.flipp.com/	1970-01-21 18:28:33	Name: gid Value: "YNiwfAAAGB/0ts8RAEHbPw=="
.o.canada.com/	1970-01-21 18:21:21	Name: _awl Value: 3.1759953512.5-3f7d472142801e21198cf0d974af5939-6763652d6575726f70652d7765737431-0
.canada.com/	1970-01-21 08:52:33	Name: __probe_2e5c3e8b Value: fa033720d19d
.o.canada.com/	1970-01-21 08:52:33	Name: __probe_c296f3bd Value: 502e6f5077b8
o.canada.com/	1970-01-21 17:38:09	Name: sailthru_content Value: e0e63ee57f02752e397065170b7057a9
.o.canada.com/	1970-01-21 08:52:33	Name: __probe_8cf23048 Value: 5ed7b482100a
o.canada.com/	1970-01-21 17:38:09	Name: sailthru_visitor Value: d2e68252-66a4-4250-b586-691c52519cce
prebid.media.net/	1970-01-21 13:11:45	Name: receive-cookie-deprecation Value: 1
o.canada.com/	1970-01-21 09:02:38	Name: x-id Value: {"data":{"id":"4nq7h940nogqaucx9hcy4beto3xv53jaw","updated":1759953513827,"adLightDisabled":true,"adLight":false},"exp":604800000,"ts":1759953513827,"mac":-183943788}
fem.gprod.postmedia.digital/	1970-01-21 09:02:38	Name: x-id Value: {"data":{"id":"4nq7h940nogqaucx9hcy4beto3xv53jaw","updated":1759953513827,"adLightDisabled":true,"adLight":false},"exp":604800000,"ts":1759953513835,"mac":-183942889}
.canada.com/	1970-01-21 13:11:45	Name: __eoi Value: ID=4336d01dde2783d1:T=1759953513:RT=1759953513:S=AA-Afja5LrFPEX4bnf06RwXGjWqG
.canada.com/	1970-01-21 18:28:33	Name: _ga_SGKH0VJNRQ Value: GS2.1.s1759953514$o1$g0$t1759953514$j60$l0$h0
.canada.com/	1970-01-21 18:28:33	Name: _ga Value: GA1.1.1848883571.1759953514
.canada.com/	1970-01-21 08:52:35	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1759953514305%2C%22slts%22:0}
.canada.com/	1970-01-21 18:21:57	Name: _parsely_visitor Value: {%22id%22:%22pid=4204c588-c356-4880-9002-2781845ebf91%22%2C%22session_count%22:1%2C%22last_session_ts%22:1759953514305}
.canada.com/	1970-01-21 13:11:45	Name: ___nrbic Value: 2\|t3twtm\|t3twtm\|t3twtm\|55ba728e-2678-48b6-b7b9-eb21e52d2f34\|%5B%5D\|true\|1\|https%3A%2F%2Fo.canada.com%2F\|\|\|true
.canada.com/	1970-01-21 13:11:45	Name: ___nrbi Value: 2\|t3twtm\|191e5fbf-bf39-4bdc-a5b2-288a04608128\|%5B%5D\|t3twtm\|1\|\|\|
.canada.com/	1970-01-21 13:11:45	Name: compass_uid Value: 191e5fbf-bf39-4bdc-a5b2-288a04608128
.canada.com/	1970-01-21 17:38:09	Name: mprtcl-v4_4662F03F Value: {'gs':{'ie':1\|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'\|'av':'1.0.0'\|'cgid':'387631bf-7483-4ab5-cba3-77d00b7bf537'\|'das':'38fc0cff-1056-42d1-1859-62d00104b1f8'\|'csm':'WyI4MDkwODQyNzI2OTIyMDM0NDMwIl0='\|'sid':'E55BB600-D9A0-41C6-257A-F52C804AF7CB'\|'les':1759953514390\|'ssd':1759953513923}\|'l':0\|'8090842726922034430':{'fst':1759953514209\|'ui':'eyIxMSI6IjRucTdoOTQwbm9ncWF1Y3g5aGN5NGJldG8zeHY1M2phdyJ9'}\|'cu':'8090842726922034430'}
.newsroom.bi/	1970-01-21 13:11:45	Name: 1528_u Value: 191e5fbf-bf39-4bdc-a5b2-288a04608128
.newsroom.bi/	1969-12-31 23:59:59	Name: 1528_s Value: 55ba728e-2678-48b6-b7b9-eb21e52d2f34
.newsroom.bi/	1970-01-21 09:35:45	Name: 1528_lv Value: null
.newsroom.bi/	1970-01-21 09:35:45	Name: 1528_ut Value: 0
.canada.com/	1970-01-21 11:02:09	Name: _fbp Value: fb.1.1759953514527.463821477910510744
.twitter.com/	1970-01-21 18:28:33	Name: guest_id_marketing Value: v1%3A175995351443375651
.twitter.com/	1970-01-21 18:28:33	Name: guest_id_ads Value: v1%3A175995351443375651
.twitter.com/	1970-01-21 18:28:33	Name: personalization_id Value: "v1_y0RzU7ErQ7SPTSp7xli+UA=="
.twitter.com/	1970-01-21 18:28:33	Name: guest_id Value: v1%3A175995351443375651
.t.co/	1970-01-21 18:28:33	Name: muc_ads Value: 4c0b6473-bb76-47c0-8431-e536e037c0d6
.canada.com/	1970-01-21 08:52:35	Name: _vfb Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1..1759953515....
o.canada.com/	1970-01-21 08:52:33	Name: _vfz Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1759953515.1.medium=direct\|source=\|sharer_uuid=\|terms=
.canada.com/	1970-01-21 17:38:09	Name: _vfa Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.d4b084bb-24c5-4beb-b92a-db853b11c71c.1759953515.1759953515.1759953515.1
o.canada.com/	1970-01-21 09:02:38	Name: _lr_sampling_rate Value: 100
.criteo.com/	1970-01-21 18:14:09	Name: uid Value: bac31964-9322-4b11-b572-a3618c36b7a5
.casalemedia.com/	1970-01-21 17:38:09	Name: CMID Value: aObCbLmqPEEADitDAacRjQAA
.casalemedia.com/	1970-01-21 11:02:09	Name: CMPS Value: 1134
.casalemedia.com/	1970-01-21 11:02:09	Name: CMPRO Value: 1134
.canada.com/	1970-01-21 18:14:09	Name: cto_bundle Value: zIxjG19VeVB2RWZNWjhUcmZDcVlEQzViJTJCR0k3Y3BYenZqdHFVVXlReUtQc3JlcWhDYzhaS0JNdVlrUEIlMkZBU0UyMjglMkZ0d3N1TUJzenF5bmpUOWFxRkExTktrRUFzSHBrVm9VRExsaEd1M3V4N0J4a1VZcjVDV1d3MlJGaFBWRkpMdHFlN0hLYWtCNldlR3BBTXB2bDFJNmZMSVElM0QlM0Q
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwtrQ0NTMxMzEyNxfiM9RNyTPy8DNxCvHzd64CAFClsmUlAAAA
.rfihub.com/	1970-01-21 18:14:09	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwtrQ0NTMxMzEyNxfiM9RNyTPy8DNxCvHzd64CAFClsmUlAAAA
.rfihub.com/	1970-01-21 18:14:09	Name: eud Value: H4sIAAAAAAAA__vFyGtobmppaWpsamhmam4GAHaHiFQQAAAA
.turn.com/	1970-01-21 13:11:45	Name: uid Value: 8695803734065763831
.bidswitch.net/	1970-01-21 17:38:09	Name: tuuid Value: 23098e56-89ce-4c17-9ce0-6446f79abb32
.bidswitch.net/	1970-01-21 17:38:09	Name: c Value: 1759953516
.bidswitch.net/	1970-01-21 17:38:09	Name: tuuid_lu Value: 1759953516
.tribalfusion.com/	1970-01-21 11:02:09	Name: ANON_ID Value: amnoeUy4ZawUBA9MGKDZcmkim8aoMryqnqOswnZaYPN
.amazon-adsystem.com/	1970-01-21 15:15:35	Name: ad-id Value: A78VAO-ZBEGkiFmEt88TRaI
.amazon-adsystem.com/	1970-01-21 18:28:33	Name: ad-privacy Value: 0
.c.appier.net/	1970-01-21 17:38:09	Name: _auid Value: j2fUb_fyCTqObM9HbcLmaA

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://o.canada.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0603B0BBC0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=14359 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://o.canada.com/ Message: Access to XMLHttpRequest at 'https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1589173297&pt=17&dpn=1&jsver=6.122&iiqidtype=2&iiqpcid=6bfbfc72-aa8d-523f-e563-ee61fc06e9f6&iiqpciddate=1759953512288&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=882_1759953512290&cttl=0&gdpr=0&requestRtt=0&lastDataUpdateDate=0&testGroup=U&japbjs=true&japs=false&vrref=https%3A%2F%2Fo.canada.com%2F' from origin 'https://o.canada.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1589173297&pt=17&dpn=1&jsver=6.122&iiqidtype=2&iiqpcid=6bfbfc72-aa8d-523f-e563-ee61fc06e9f6&iiqpciddate=1759953512288&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=882_1759953512290&cttl=0&gdpr=0&requestRtt=0&lastDataUpdateDate=0&testGroup=U&japbjs=true&japs=false&vrref=https%3A%2F%2Fo.canada.com%2F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://idsync.rlcdn.com/712559.gif?partner_uid=5bddd09a-d327-431f-8be7-45ad9a60e48f Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://o.canada.com/ Message: Access to XMLHttpRequest at 'https://ib.adnxs.com/getuidj?gdpr=0' from origin 'https://o.canada.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.adnxs.com/getuidj?gdpr=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://o.canada.com/ Message: Access to fetch at 'https://pb-ing-postmedia.ccgateway.net/ping/v1.0/parent/d3510145d6/engagement/trigger/page_load' from origin 'https://o.canada.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pb-ing-postmedia.ccgateway.net/ping/v1.0/parent/d3510145d6/engagement/trigger/page_load Message: Failed to load resource: net::ERR_FAILED
other	error	URL: https://o.canada.com/ Message: Attestation check for Protected Audience on https://pagead2.googlesyndication.com failed.
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F0F705BC0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
javascript	error	URL: https://o.canada.com/ Message: Access to fetch at 'https://pb-ing-postmedia.ccgateway.net/ping/v1.0/realtime/d3510145d6?profile_id=517a5d6f-e6da-48a1-94fc-7f86e7d3aade&url=https%253A%252F%252Fo.canada.com%252F&eid=pubcid.org%3Ab1dce364-1587-4c78-ade7-8e4b4b1fee45&context=true&contextLimit=1000&audience=true&audienceLimit=1000&deal_ids=true&custom_taxonomy=true&customTaxonomyLimit=1000' from origin 'https://o.canada.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pb-ing-postmedia.ccgateway.net/ping/v1.0/realtime/d3510145d6?profile_id=517a5d6f-e6da-48a1-94fc-7f86e7d3aade&url=https%253A%252F%252Fo.canada.com%252F&eid=pubcid.org%3Ab1dce364-1587-4c78-ade7-8e4b4b1fee45&context=true&contextLimit=1000&audience=true&audienceLimit=1000&deal_ids=true&custom_taxonomy=true&customTaxonomyLimit=1000 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: https://o.canada.com/ Message: Attestation check for Attribution Reporting on https://www.facebook.com failed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
a.tribalfusion.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad1d9f2c9c44b28d99a9040eb1a91846.safeframe.googlesyndication.com
ads.pubmatic.com
ak.sail-horizon.com
analytics.twitter.com
api.id5-sync.com
api.intentiq.com
api.permutive.com
api.rlcdn.com
api.sail-personalize.com
api.viafoura.co
auth.lrcontent.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
ca.edge.optable.co
canada.com
cdn-gateflipp.flippback.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.permutive.app
cdn.viafoura.net
check.analytics.rlcdn.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.lrcontent.com
connect.facebook.net
cs.admanmedia.com
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dsum-sec.casalemedia.com
edge-auth.microsoft.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
events.newsroom.bi
events.qortex.ai
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googlesync.permutive.com
grid-bidder.criteo.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
identity.mparticle.com
idsync.rlcdn.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
kindhush.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
o.canada.com
p.flipp.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pb-ing-postmedia.ccgateway.net
postmedia-d.openx.net
postmedia.hub.loginradius.com
postmedia.solutions.cdn.optable.co
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
prod.tahoe-analytics.publishers.advertising.a2z.com
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
s.c.appier.net
s.tribalfusion.com
sb.scorecardresearch.com
sdk.mrf.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
smartcdn.gprod.postmedia.digital
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
sync.intentiq.com
t.co
tags.crwdcntrl.net
tags.fullcontact.com
tags.qortex.ai
ups.analytics.yahoo.com
ut.pubmatic.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.npttech.com
x.bidswitch.net
api.intentiq.com
cs.admanmedia.com
ib.adnxs.com
o.canada.com
pb-ing-postmedia.ccgateway.net
secure.adnxs.com
sync.intentiq.com
tags.fullcontact.com
104.16.174.226
104.18.25.18
104.18.27.193
104.18.35.13
104.18.4.235
104.18.5.235
104.19.220.32
104.20.23.13
104.21.66.34
104.26.1.62
13.107.6.158
13.226.244.44
13.32.27.70
13.32.99.122
13.33.186.215
13.35.58.95
135.125.140.162
135.125.145.78
135.125.146.86
141.95.33.120
142.250.184.193
142.250.184.195
142.250.185.131
142.250.185.161
142.250.185.194
142.250.186.104
142.250.186.162
142.250.186.164
151.101.130.133
151.101.2.133
151.101.65.108
151.101.8.157
157.240.0.6
157.240.253.35
162.159.140.229
162.19.138.116
162.19.138.118
172.105.221.240
172.217.18.10
172.64.144.166
172.64.150.63
172.64.152.243
172.66.0.227
172.67.73.177
178.250.1.12
178.250.1.129
178.250.1.38
178.250.1.57
18.185.116.170
18.194.3.175
18.239.70.135
18.239.83.50
18.244.18.27
18.66.102.119
18.66.26.26
185.64.189.112
185.64.189.116
185.89.210.122
185.89.210.46
192.0.66.2
193.0.160.130
216.239.34.36
216.58.206.33
216.58.206.34
216.58.206.66
23.45.96.101
23.67.132.201
3.160.150.105
3.174.46.124
3.232.126.205
34.107.254.252
34.111.67.160
34.117.147.204
34.117.54.29
34.120.133.55
34.120.37.167
34.149.157.221
34.204.142.167
34.213.159.49
34.36.209.34
34.8.155.66
34.8.254.188
34.98.64.218
35.186.253.211
35.214.136.108
35.241.9.51
35.244.174.68
37.19.206.161
46.228.164.11
51.195.115.36
51.195.126.30
51.195.34.220
51.195.34.255
51.195.73.113
51.195.73.74
51.195.73.82
52.17.99.225
52.223.40.198
54.156.183.251
54.171.96.116
54.203.221.146
54.216.131.59
54.217.15.209
54.246.81.101
54.36.115.242
57.129.85.99
69.173.156.138
87.248.119.252
95.100.185.43
98.82.156.107
99.83.154.140
99.86.4.39
028ec45edf733921529b5c9a09c8944ae439394da6d07b5519c52d108bf5ec57
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c796670ee4aa954132473f3572e37cacfa64d8d3e2ce5fb2ca84c45ef4e1231
0cfbf1ce10a6f7fce3f901c3718b3da4be2f2d4e73e8b72667d9cb61c7634ba7
0d6133b474f8da38d343f9bc474ae59a4f6332fc2b44bd4d0855e9b8f632ee0f
0ffc24b3b20bde95bff216027489bebab4527836e7f010670cb32fc641bf8c5f
1156eee7ec6ff933e0b258b8081145e414e97369bb201f15a69421653c6c774e
140ef1f470f456735a46b138c5de05f69c8b2c377ffc8107342fd7e386a47529
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1502275829adac52e8f43d7737a4d1af032707b18658c07443e9e849f5fe1a03
15ac7c79df675a4e07c8f59b54ed2d978cbebe6af18372265677cd46b95365fb
15e158253fc317d4b939e2db2aa23a5ec53668f909a230dd8f05bf33ffaf85db
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240
1acac49ee8d1cd62c991d8cdfcd227e86fd8c5d5baafea90062f7c3f3a8f2caf
1c0757d71db4878b3901dadb04fc5cfc53b8e991ef868751795a048b17ea5164
1c6f03747c03abe0a707678548df4a1f125b67d607e798350a99c51bf622cd63
1ce1d60a93b09bbc378f0db12c45d555bfacdda5be756b0db039c582944b5ab9
1e391c14a998585555b87a4d8c284553fb6153f7e135fc04aa567f382c61e6e8
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
211d072cc2d5a4b0f3c665be0c2a680e478fe20e464848ee5d7bdd3ef76d9352
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
251064baf918266911c39c75358e3be30d009e4d98a13dc973082f6e5379813a
2d217a8be8258ef8e1280c9ef4ad33d8d4fdc690aa90658ad2b5e91424d33483
30626341254f8c2e57caceea03a56bd3a4e1b694983e493dc6eaae52e01ad49a
30d272b85536201e2048467cbae2d9b2deecc1cec8ebe1831dd217cb5801a03d
30e04b0327c493e1908f631a846432f500e47426ecc0fdc22206eae547e63229
33cc6e61cbb1addafa75cc8ed40216823ee7e50631bb8d2b71eda77ca81a77f3
36427b43e0ef43d66ac63bc2b13d88562eeed0f27699a594f58b34d257990585
36f2e83e05dc91538b50481f72382e79ea3619d2182b52f66de20e35836cb449
3857a86cad557e903298f49f058998de3d3ce14b1674a3e07732364db6fc14c1
3877a8858bdaaae2e85cd4606197b695b323ecde59215207070e1339b2404027
3a6e7e53a78b78ae20b97034beec7728a151233e2b9ceccd24daa40dace1662e
3c38c6d4f9561441a49d10c09daa98b043a6b36bc5c4c2b8a35e0585ba359d58
3d1b3c979e3d60c0bc8340fcdcb986e8545b42897052bde1478738d2673fa933
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
400056c8a79d706e2e93938456645d459a8eef705cae535f9eb3a17150574c09
427f5f3c0406cb120d6c6cf103e5666a16dfc458d741eac307b04c8b672f1185
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e559e1f8701c7a7c06671133b69a5986f86c633be86b4f21e678455cb7f90c
45bc6978e281a938d9485dcbf0859159b24e2f7c9b8b0fafc120b9606e0ea8b1
47b327cda108b7562aafcf5bdf1c4c002c6ecec8e7f6b69ae0b5af74e6ac6f2b
47c381538fc2222bc5b89f3ad968aa519c06d862c80067fd9aa80b5e0ac5abe5
47f1eb3a3ae87512cd3f5700161ffd35436f2791e21529f2e38465b5ee7d367d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d6f05da6927c107df395d78174b75314890d8ce6deb15d2c0f30748e5dc065
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4c8232918e41a7e9c0ccd7f2bc74fbbc4306a2cf735c973f85b7d7343c3241c9
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4f08cb1c9bf79001e26e7305760c1d8bcaec6a1fa017e52954f1e75c64618e60
4f3018038e1ed364702d3fb624b07cbf8ce5fac250f3838978ecf931d2e3539b
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
599177c22dba99aab1ecce3a2897835a2e6a993b104ebc04f3c1a4e3c663be4c
5a8f11e92f224e9348fb3ad44b373d6ea89ef5f18ce7e30af7b06167cccc4fde
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb
5e7ee5008fa4dcb54ad2339b72d838e04ffa041aaf4b9e279f5a14e443775f41
5f78db91cb014c07d1d0a6adc30dbb2e490bfcb3d41d56a8c4ebdacca9393b49
60dd879e31b889327f700b93c47df1a633670a350b00cace6109baf5209fbc15
636c43233b344b42e915c971055a64f2e89e4f7022c6762ad8f2d99f10e4bace
6533096fb1f5295c91e36a297b725192d68bb77401c97edd2c994f2dc72f6e38
68f4e5dc17f702af9c0f934df27febac77683ab8892851cd24500ff9eabb4729
697e6d4d627b1f12cac597c007f4e9f1354ffc4f0992ced01796ce0d05c55a69
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae73c7e328e26cea91aa7aa306b5f191a68a11daa2f7cf8ad76b37c590b4f15
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6e1442a4ed58986cc47bc718ab9b6b434c367cf0e8f900309318b0bb78412076
755ac822d7d0ece7e63e7a82024d18dccedaa385d126ebc06dac238f8c1c1c39
75f09670f35d13887fd7108f16a6f2803c596a0bc83071e03a264fac5dba2ed0
769f5a94f6cc059391b985943fcc35fa6ac81c897ae09b117018efc210b28338
78f788cdce2225e74b639d1d4c338cb6abd5e655f4e4de70905d0bc5f550ec6a
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
796a30f5020e6e118d1812f3d81aa5ca6d83825934813fac9a985eeef81ec466
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7b21bbb8ef971401ae80a3877b20405f18623e70111a65f0503458ea623255ce
7c41f3f00c35eb1d199cf7b0631bf717dfa15000168a109bdafd91b959cd6a7c
7f1c6f4b69a2c6ce6a3fa57699f7ca9ba864a994e2a29c072831a7a491c1dd09
7f2fa16190b3c846137e18fe7c6eafb6f45c2775d165271dd7297b631069d6a9
7ff22ecf8778332a69c9d2bf3d1c51e206c412e4b7b6ae72a0b03ba4b597fb79
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84a374c58f2d1a4189d733a5ef23e60ef9a9efa59f617df7fecdadd4e1f541c5
854c59da152f6eee070e91bfcae8848f37d50546b827990c541e097d1b28a3e6
85923d2029e9bfdd417506872899d7e494162b5ca2133c6a9014720cdec0747b
85ef8fb5bfb8a12eb4a591522c98cea68a3994c56af2d09dae41adceaee354bc
8835c0349b6a217df385f575034c6a1145a4f1d23424eaee6f55113847ca98d8
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b03241c09c8f82195628c4882ab3129c3fd25811ed135fee9ef5f45d05f4951
8b759f46d54254449f749593630da77222083f1194d7b15f09d329b8204fb4d1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f985c9849a5b66278cd2450bff5cdb41bfcf866d8414705c7e4fc1655743892
8fd9a82e4ae36ffd6226dd5f423898db4066d35b3ceaedb4551f94515a89d53b
90d31178c5dd71358da70acdf13073fbce415131213dc96f08f1ed961446a432
90d4607a170c139a8318191496743d8232bde1b02e36e0355c60ea1a3aa0680c
9229b0a910b02f462b162a168565bb680ce91c7f02f1463ca4763a470c831ed5
93c2af8d901dda273d7d198e5df955d5487a60f0b97d37452667e2c326a54667
97be8d3b3ffb588831c194a84cb32d6fd5bdedd8291bf349f1a1876c96fe3a53
9b56bad1bbf4888ec9333360259e48ede77e3e4bc86da5dd3afb8d1a9f51b60a
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a6e8a647167a5eac30ee3016ecbe5a43bbe70cac89003acdcbf5b9b7e01dbed5
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaf39a997cfdda5c558e0b42ca4e1ffa01fabdc87d3fd117b792a26181deb457
ab74f0c2d7ec37e44e017b9586675dd00c519591207dc3bbc8e003c5628dc9b7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adbb267a810797e8a2fd7dae84caf1a3b9692a7fb9b3039126a13fb7ae9ebd29
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1deb7e7c4ac45360d4dcce2a428d3293670703ff4cd95e91ba3a2f7b58a9662
b3a6707b53120e361c443438c8f8b44d833ab5a5bb2277a3a76818a19ff2ba60
b9a38d65df46c3a4789f1e3b555770e4f490b70203aff21cc1a383aa33d133d3
bbfacf06f08c9832af6a807c24372c43ec1df4577c397f19db169a960b98f609
bef35422fc711ef3d9d484894345ae90bf44cbd4027d06fd64c1091b5bd2d538
c0b2ecdcae18382a804675bd1bbbfefd557245a464402a308bc79bfc55e73699
c1a7f5c31122b5a64b1c8bd3005227b67ea67e6db8563bf301b3677d34eb760f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c42c97380d5c6c727b9d1fceefbffc8f9f6fb223c20ca84dfb48fa074cf04bfa
c67261a56a786f80d830f7ec7073ebda19fa2802b42ccacc76c0db41b7b8a5d2
cf4012855810edd80ff5404202e855e5c57f735d55131472105b51987d81cd35
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0416fa64f7e54da9b7cab5337e0f407b7686362f6c8d502ad5e76b5f7ea2eba
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0d7ab370797250292fee38f5d45a82b4ce7e75eae410309999c6b387cb07064
d2f0a269066ec842ad597cfa0bc720df35639b3926388fe7401db2bb04609185
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d55b032e42097a7cc3766e9edc12d34421ab38e60afadbb45dfc4a03a27f835d
d6b2a6cdfdba06b1fa5e65821f4d16a80e892a357fd0cee8f06761639e56e6a3
d7ad1737cc10e06d2df8f0f14367e5977499532f167a93bf2c062b0356337181
d88ed294bb7bc1856e1efcb2b8c1e5d1d0dce22371e91ba086bbb0b74df0f772
dad9d17ba5045075acba2a971e8e58f03cfca04f3610439ae5c9f284c72269b3
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
ddced884e82d6ed9fdaf9f509a01baf4dc2d1963b3975240219c2e2ac0300de4
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e07c414c85bc303ab437bf81236d6a875493ca9c76be882c1b2a742b431a86da
e084390e566ab8118e70fac81864a5e3c4fa4af73b412edd5ef237419b1b1b20
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e28fc8b2518b0d9ace6a9d9d30953ef4acb0b15bcfd368164e88956c29fd2d7f
e2dba5995e2bcb1ed8a98520648b723dd736a9583b568474c8ea342e4e986f9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e37a7b985176f00570610448c9d3453014374644bee0fb45a2a7253cfa1508
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
eb86e49243c7a1a96ec3c1e4bd7b9ab7c30bb93f18c1f595cd6efbb82b40569e
ebadaf46fcc2caab1485f89189b4761b5000608e61852742927e341dbe3b8f30
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec71f8e0dae619b8c2883e9430255c8014f85f47ac9569cc48fb5e3f16bc2abf
ed551decb01886f399d177154bdf8271dc4f6c81d4e26db991d14f0b76679384
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fa13d78ecbc3d2113df6d6f0e5d0a2fb0bdb2feeba236a3cf34c099a5b4122ab
fb4a28eea55439eb3afb0b7ac5e35f547281b5c5e780fc37b0f7b349d96c2d55
fc5bdcb0072e455fd1ab58dade027b9144e2b6d50aa3f8c0d1efff9be2322330
fdeaf00018129fff56ddcb03d2c1c43a1893cdc5d12bdbae125a0bf71dfd6761
fe2c5fa31ee50bd9fcc220cf5aee32afec3fbaa71deb48bf5d54a067722a9724
fe9670c500874fd282af5f073bf3c6005ee3ae080b0365d3e2b536d5ac49c3c4

o.canada.com Open in urlscan Pro 34.117.147.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

92 %HTTPS

0 %IPv6

70 Domains

128 Subdomains

106 IPs

9 Countries

3930 kBTransfer

13211 kBSize

65 Cookies

22 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

o.canada.com Open in urlscan Pro
34.117.147.204 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

92 %
HTTPS

0 %
IPv6

70
Domains

128
Subdomains

106
IPs

9
Countries

3930 kB
Transfer

13211 kB
Size

65
Cookies

237 HTTP transactions
1 data transactions