o.canada.com Open in urlscan Pro
34.107.199.243  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://canada.com/ HTTP 301
   http://o.canada.com/ HTTP 308
   https://o.canada.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

• https://postmedia-d.openx.net/w/1.0/arj?auid=542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fo.canada.com%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bDOiHzhN&cache=1635319463255&ttduuid=4222e4f9-9ea9-4d2f-857c-ce3b75e14de7 HTTP 302
• https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fo.canada.com%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bDOiHzhN&cache=1635319463255&ttduuid=4222e4f9-9ea9-4d2f-857c-ce3b75e14de7

Request Chain 122

• https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2&google_tc= HTTP 302
• https://cookiesync.mparticle.com/v1/sync/?id=CAESEKCNOcKD4OgxZ4LVX9A85-Y&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2&google_cver=1

Request Chain 164

• https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9bE7oz4B1MFDio5

Request Chain 165

• https://x.bidswitch.net/sync?ssp=openx HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
• https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=04613d72-09b2-4465-bfee-c0dae2bd7ad7 HTTP 302
• https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=04613d72-09b2-4465-bfee-c0dae2bd7ad7 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=be5490fa-66e1-45af-a892-0d6230a3f518&user_group=1&ssp=openx&bsw_param=04613d72-09b2-4465-bfee-c0dae2bd7ad7 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072968&val=04613d72-09b2-4465-bfee-c0dae2bd7ad7

Request Chain 166

• https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8387288722029318154

Request Chain 167

• https://match.prod.bidr.io/cookie-sync/ox HTTP 303
• https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
• https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdVprN0M4ZjBBQUJ2U3V1RjNyQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
• https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEuZk7C8f0AABvSuuF3rA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
• https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
• https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEuZk7C8f0AABvSuuF3rA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 168

• https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=536872786&val=de3b6178-fea7-4c00-b2c0-1db4dc9a5080

Request Chain 169

• https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=301PAY8ZGQHETx1fiE9VC4odS1jETk4OiBk19MFy

Request Chain 170

• https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
• https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4079065175960191581

Request Chain 173

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGh4r-qvBhVnqJnq5rBNmn8&google_cver=1

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response o.canada.com/ Redirect Chain http://canada.com/ http://o.canada.com/ https://o.canada.com/	457 KB 69 KB	125ms 98ms	Document text/html	34.107.199.243 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.199.243 , United States, ASN15169 (GOOGLE, US), Reverse DNS 243.199.107.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 86791d522702de54da9c35b4c188bc9081bfad7a7472203581a106e12300652f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN Request headers :method GET :authority o.canada.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx/1.19.10 date Wed, 27 Oct 2021 07:24:22 GMT content-type text/html; charset=utf-8 vary Accept-Encoding Accept-Encoding user-agent expires Wed, 27 Oct 2021 07:29:10 GMT cache-control max-age=300 x-frame-options SAMEORIGIN x-pmd-backend cheetah-nginx pmd-nginx-proxy-54cc578c87-s88bp access-control-allow-origin * x-pmd-cache HIT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 google alt-svc clear Redirect headers Cache-Control private Content-Type text/html; charset=UTF-8 Referrer-Policy no-referrer Location https://o.canada.com/ Content-Length 218 Date Wed, 27 Oct 2021 07:24:22 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 27 KB	42ms 17ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash da114ff6b50ada82e0af1e52e4962ed6d3a9d9fd768424506782cda5b4445aa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1025 / 568 of 1000 / last-modified: 1635286009" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27290 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 27 Oct 2021 07:24:22 GMT
GET H/1.1	200 OK	184635-232448041313322.js Show response js-sec.indexww.com/ht/p/	146 KB 39 KB	53ms 25ms	Script text/javascript	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/184635-232448041313322.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a3d1c1b21d98e6c46cf793fd451294fd342d413887598fb4125d8473476c7b9b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 27 Oct 2021 07:24:22 GMT Content-Encoding gzip Last-Modified Wed, 27 Oct 2021 06:21:43 GMT Server Apache ETag "da4524-247a8-5cf4f9b948152" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=80 Connection keep-alive Accept-Ranges bytes Content-Type text/javascript Content-Length 39991 Expires Wed, 27 Oct 2021 07:25:42 GMT
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/	119 KB 39 KB	49ms 19ms	Script text/javascript	178.250.2.130 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT content-encoding gzip last-modified Mon, 04 Oct 2021 12:34:27 GMT server nginx etag W/"615af4d3-1dd0f" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Thu, 28 Oct 2021 07:24:22 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	133 KB 36 KB	88ms 45ms	Script application/javascript	52.222.163.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-163-173.cdg52.r.cloudfront.net Software Server / Resource Hash da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id PBfT87Jypy1l_3XKxwEwol.gybzOM7El content-encoding gzip etag e2b905aea413c4d7479fb2bb9cbc6c65 age 114 x-cache Hit from cloudfront server Server x-amz-rid 0KDSG2P3VFD7ZDX8CWGS date Wed, 27 Oct 2021 07:22:38 GMT vary Accept-Encoding content-type application/javascript via 1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop CDG52-P2 accept-ranges bytes timing-allow-origin * x-amz-cf-id a7WSFGC6MPgEEFXGKZgG57-h0FJpy7M8jR60BXTbYdPsfMWpyxBewQ==
GET H2	204	all.postmedia.js Show response hb.districtm.io/prod/100549/	0 268 B	73ms 26ms	Script text/plain	104.16.68.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.districtm.io/prod/100549/all.postmedia.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin * access-control-allow-credentials true cf-ray 6a4a2f31df324138-PRG access-control-allow-headers Content-Type, Origin
GET H/1.1	200 OK	iasPET.1.js Show response cdn.adsafeprotected.com/	22 KB 7 KB	75ms 15ms	Script application/javascript	52.222.149.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.adsafeprotected.com/iasPET.1.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.149.92 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-149-92.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 16:16:12 GMT Content-Encoding gzip Connection keep-alive Last-Modified Wed, 02 Jun 2021 17:38:57 GMT Server AmazonS3 Age 54491 ETag W/"51636de3ce868a2172f9e6996c2934e0" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 fb7dd4ab7d279a5ac003ba27474cf5ef.cloudfront.net (CloudFront) Cache-Control max-age=604800 Transfer-Encoding chunked X-Amz-Cf-Pop CDG52-P1 X-Amz-Cf-Id EVHAlat1An_aEV24q-KM6yJVmQGnsprcZzDLcM8FUEYbQp3gt5BQ_g==
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	42ms 18ms	Stylesheet text/css	142.250.185.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f10.1e100.net Software ESF / Resource Hash 3bd5a9fc21186f86dc7899696f378659e555a7f1978af4161de48552343a4d6f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 27 Oct 2021 06:43:31 GMT server ESF date Wed, 27 Oct 2021 07:24:22 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Wed, 27 Oct 2021 07:24:22 GMT
GET H2	200	advertising.js Show response www.npttech.com/	7 KB 3 KB	74ms 28ms	Script application/javascript	172.67.192.182 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.192.182 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6863 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id F836SKT2SS84AHAK x-amz-id-2 Ta8EnTglAyODjWqHIGsaiEGWHni4GjhMP5ZukPQ/TS2WM/tr7OkVU/f6KjjGXfXKHEGfQ/52hbQ= last-modified Wed, 19 Jun 2019 08:25:01 GMT server cloudflare etag W/"3d6f80c860866175f58a84bbbc9217c6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77dwfm71aLR17B8xntvz2iWgG7s9wjo%2BtCZsBMa51sPhl4wIdg0brlet1Zo3Bgn%2FNcLH%2FagBkXhFpSG78BP3vxxBOXvgl9YRrtnBSPBdWHDAR6eC59lhn36S8Jep3q3Sii0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=28800 x-amz-version-id hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w cf-ray 6a4a2f326f5227b4-PRG
GET H2	200	LoginRadiusV2.js Show response auth.lrcontent.com/v2/js/	195 KB 46 KB	74ms 26ms	Script application/javascript	104.22.73.232 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth.lrcontent.com/v2/js/LoginRadiusV2.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.73.232 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1357d050358d80ecda9a8a3f02d8d91a2ae71d683bc31d3659cd2a9db0b27030 Security Headers Name Value Strict-Transport-Security max-age= 63072000; includeSubdomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT via 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront) cf-cache-status HIT age 5169 cf-polished origSize=1221643 x-edge-origin-shield-skipped 0 access-control-max-age 3000 x-cache Hit from cloudfront strict-transport-security max-age= 63072000; includeSubdomains; preload content-encoding gzip last-modified Tue, 20 Jul 2021 04:25:48 GMT server cloudflare etag W/"2cfaf27cd342c7b4dca95f74b6ba9430" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-amz-cf-pop PRG50-C1 cf-ray 6a4a2f31edee2774-PRG x-amz-cf-id yrhdG2kMrGxWHg4JHGrKJC3P1kBfH8pIx_PxYqBu-IE3LuulHXwsGw== cf-bgj minify
GET H2	200	fem.js Show response fem.prod.postmedia.digital/v44.0/	317 KB 92 KB	61ms 18ms	Script application/javascript	52.222.158.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fem.prod.postmedia.digital/v44.0/fem.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.64 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-64.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash d47941b6439777897a7d371b6cb87396936115a0b06078b1980b312cc9aea992 Request headers Referer https://o.canada.com/ Origin https://o.canada.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 20:08:58 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 645325 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 05 Oct 2021 14:03:02 GMT server AmazonS3 etag W/"e865a457404c4ee147e192ace560f390" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript via 1.1 4eac31fa332b238427dad87ea3716265.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG52-P2 x-amz-cf-id SifcK_6E7WL4MOpW3SbSQyT6c5a514xk4mrSI_jMcGP_IEfSpUdoag==
GET H2	200	USA-AIRPORT-scaled-e1635303227266.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/	30 KB 31 KB	88ms 27ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/USA-AIRPORT-scaled-e1635303227266.jpg?quality=90&strip=all&w=466&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash 7d817fa0ece1b556b0e9c1c0f5f58a475829b2a7ee74da1eb8649ed4dde1deb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Wed, 27 Oct 2021 04:07:42 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 11800 etag "f8c0abc22fd389dc5f76994f6a57d3f98f9c2a13" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy cddcd888043b content-length 31112 x-amz-cf-id mCOZhM12gFE6JBo1HSR-XGu271pm5joWHelpty9_SpaM77UyGS5SzQ== expires Thu, 27 Oct 2022 04:07:42 GMT
GET H2	200	GettyImages-1223986101.jpg smartcdn.prod.postmedia.digital/edmontonsun/wp-content/uploads/2021/10/	7 KB 8 KB	88ms 27ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/edmontonsun/wp-content/uploads/2021/10/GettyImages-1223986101.jpg?quality=90&strip=all&w=150&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash 9b7e86d06959bd01c852c5a6bd8577c0b3bc52596b920ffff1419290daa34c5e Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester edmontonsun date Wed, 27 Oct 2021 04:07:42 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 11800 etag "3e8e79dbc5888293c64c9129b629a8e3b1d9842f" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 0a6df85b20f8 content-length 7272 x-amz-cf-id szchb8SMQZ1nZZVUXzHmDWc_dXgRGdVjqH_CPZ4CeSZCP-OQqg9Cfg== expires Thu, 27 Oct 2022 04:07:42 GMT
GET H2	200	DSC_0532-scaled.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/	4 KB 4 KB	105ms 44ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/DSC_0532-scaled.jpg?quality=90&strip=all&w=150&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash d4f3ddc02d542c41e2de7f3ee21e368b4114bdd69b657c788d63813ecde5eac9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Tue, 26 Oct 2021 18:44:12 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 45610 etag "937ca618f6c263f8f85da6cbc9a899c721e7fc66" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 46f8f5271462 content-length 4130 x-amz-cf-id i6-QfyzwOiEk0u9vlOxhmqiwVBJF1nDSdT7Tnyh1bcZ7FitKY4NRSQ== expires Wed, 26 Oct 2022 18:44:12 GMT
GET H2	200	GettyImages-1223986101.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/	7 KB 8 KB	89ms 28ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/GettyImages-1223986101.jpg?quality=90&strip=all&w=150&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash e0f2b167ec1d7900d8bef1e58879345ae29eb8f34df068d1cb9ce3ded683527f Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Tue, 26 Oct 2021 19:01:19 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 44583 etag "3324dfcbd64906621f747b64ef6890f3e25b9748" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 648a1f2f5da6 content-length 7304 x-amz-cf-id 2dt6BISRD6s4r3l7dnut6Dn-uWvNdI_AEH4w3-uKB_H48eBt5nD6zg== expires Wed, 26 Oct 2022 19:01:19 GMT
GET H2	200	1023-trav-IMG_FRONT.jpg smartcdn.prod.postmedia.digital/vancouversun/wp-content/uploads/2021/10/	7 KB 8 KB	104ms 43ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/vancouversun/wp-content/uploads/2021/10/1023-trav-IMG_FRONT.jpg?quality=90&strip=all&w=150&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash 2f8742cf078607b3ec2afeee597cdf7713c8baa0aa6081fd34a003d4dd4ea0c0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester vancouversun date Tue, 26 Oct 2021 16:46:46 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 52656 etag "6c99a713ff5620016caa50f27c96732e94497d76" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy d001dfe1023f content-length 7452 x-amz-cf-id CwwWbkvsGzuQB5OB7hU6n8UtW6T63WEyEi4ORN9crRkGz0I6fAmOmQ== expires Wed, 26 Oct 2022 16:46:46 GMT
GET H2	200	postmedia-image-fallback.png storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/	14 KB 15 KB	33ms 11ms	Image image/png	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/postmedia-image-fallback.png?quality=90&strip=all&w=400 Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash b3e96011b3bb2c8e0c3055738beae1ddfa271b782f408fffb25896e791216d49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 06:30:20 GMT age 3242 x-guploader-uploadid ADPycdv60QHuo_TLPSS3TruW3GjRPQzTCGVncZodgoleKfACJFuOSULpPuoWplvzn6LRvuCG2rtIvtoaazJI6-TmkrQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14753 last-modified Tue, 19 Oct 2021 19:20:01 GMT server UploadServer etag "4839cbf4f4b2332b1cc8ea8fea8f8ce9" x-goog-hash crc32c=9eJZBQ==, md5=SDnL9PSyMyscyOqP6o+M6Q== x-goog-generation 1634671201280628 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 14753 accept-ranges bytes content-type image/png expires Thu, 27 Oct 2022 06:30:20 GMT
GET H2	200	business-wire-logo.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common/	11 KB 11 KB	41ms 18ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common/business-wire-logo.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 7fb15552a88b764ca42963e71136255cecf99c6bccc6fdc68fbe0f930a516cb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 06:31:58 GMT age 3144 x-guploader-uploadid ADPycdttWnHm9NB6xWGgG0tWdhCiBOw3NnMDLohawawESBpK5DzQeQe_sbm6QsKKUPm0t5Hxiildqy4FyCEPqZLa1rAsJifXNQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11114 last-modified Tue, 19 Oct 2021 19:21:58 GMT server UploadServer etag "c65c15718398ba7d64f31b6847913a4c" x-goog-hash crc32c=oKRWcA==, md5=xlwVcYOYun1k8xtoR5E6TA== x-goog-generation 1634671318495359 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 11114 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 06:31:58 GMT
GET H2	200	globe-newswire.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common/	4 KB 4 KB	40ms 18ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common/globe-newswire.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 94bd49745e4f9c714e256a27aa7cb97e562a8e35be26fdf784a284ae6e3004dc Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 06:31:58 GMT age 3144 x-guploader-uploadid ADPycdv6ZrxPUrPrPOpEVmaEM_jy-kJpa7W1_nPMUGfOmCP4MoKsnvv9sqDwfUwMPT3ARyBTVxgOC0RObBfd0dN-FSc x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3700 last-modified Tue, 19 Oct 2021 19:21:57 GMT server UploadServer etag "ff5e8d7206fffda6203e33571f13a1dd" x-goog-hash crc32c=Vhvo8g==, md5=/16Ncgb//aYgPjNXHxOh3Q== x-goog-generation 1634671317662433 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 3700 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 06:31:58 GMT
GET H2	200	icon-soc-fb.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/	775 B 1 KB	40ms 18ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/icon-soc-fb.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:23:00 GMT age 82 x-guploader-uploadid ADPycdtuRoqjGMTmM9VVEgTLR8kAJ-pJMTJEr-v6mXVZDAKe_5fPShs2fYfJ0GLoNADMgYm2c4u4v_bKNJ2A5y5IIopet9-alw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 775 last-modified Tue, 19 Oct 2021 19:21:57 GMT server UploadServer etag "993353c51244defcc16154eac23ff88d" x-goog-hash crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ== x-goog-generation 1634671317452948 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 775 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:23:00 GMT
GET H2	200	icon-soc-tw.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/	2 KB 2 KB	11ms 8ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/icon-soc-tw.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 975a64dc9bbc5e1884ba8ca2e76d9b2791d16d5c9f3619bf30477cd21a8636d2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:11:05 GMT age 797 x-guploader-uploadid ADPycdvRv8Kh03L1dQ8g_1MwdPhfn1S_Ypmo7js7BTl1pyLY1MZeNenHe1YTV1PJu4gmgPWY6OQWtrYG0LXCzTPF2k5be_7Vhg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1698 last-modified Tue, 19 Oct 2021 19:21:54 GMT server UploadServer etag "df82c342c1176b84253c53e6e10eed05" x-goog-hash crc32c=cbPk0w==, md5=34LDQsEXa4QlPFPm4Q7tBQ== x-goog-generation 1634671314687788 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 1698 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:11:05 GMT
GET H2	200	icon-soc-yt.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/	744 B 1 KB	10ms 8ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/icon-soc-yt.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 99394b0f6e9f0aefd71dd6a9ad59129ff7852e7734905bead2f2cec5789e3436 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:21:34 GMT age 168 x-guploader-uploadid ADPycduq11Lm1BTJdl9BaVUaYBY1UTYuqldgp0WWwlJN0YgGZuU_jWicC0YUw4uANTn-RXBMqccbovF0aft4hTjHUXnsEzyHGA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 744 last-modified Tue, 19 Oct 2021 19:21:56 GMT server UploadServer etag "c7b3b346ada043e6e241bca3e7f698d0" x-goog-hash crc32c=8iXYKg==, md5=x7OzRq2gQ+biQbyj5/aY0A== x-goog-generation 1634671316820123 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 744 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:21:34 GMT
GET H2	200	icon-soc-ig.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/	2 KB 2 KB	11ms 8ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/share-icons/icon-soc-ig.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 179f43e8abd5e7bd49d05571dc29d22c9f5044eb17ca8253a49e3e28e716af61 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:20:51 GMT age 211 x-guploader-uploadid ADPycds6FK2NUD0HZ7IDCdU49dJRnT3oLZYXRn9IwVNl-JZcX2BRamGWynyqIF8zlQbDP9KnHWzeoIeqlcIsSly5hgmf1ZaWHw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1898 last-modified Tue, 19 Oct 2021 19:21:56 GMT server UploadServer etag "cf38c08bd0b7e49f4550f048b7c4e2cf" x-goog-hash crc32c=bCiZ9w==, md5=zzjAi9C35J9FUPBIt8Tizw== x-goog-generation 1634671316186606 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 1898 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:20:51 GMT
GET H2	200	shared.53d6884c7500.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/	23 KB 24 KB	29ms 8ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 53d6884c750079ed9227c3b024d3457cdaf3f08cd9efb1e3947f131801c69e47 Request headers Referer https://o.canada.com/ Origin https://o.canada.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:02:42 GMT age 1300 x-guploader-uploadid ADPycdvgHzUPlOqHcl76PmdsAvZC2Ugswys_G5mRoOJAKC58WZ5IxAKTZtlglrYGiAv3aodbIlv2AcjaHSDyp1LL1tA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23591 last-modified Tue, 19 Oct 2021 19:25:55 GMT server UploadServer etag "d4b0365984238c5b9c037a85af5a5e41" x-goog-hash crc32c=QNWbMg==, md5=1LA2WYQjjFucA3qFr1peQQ== x-goog-generation 1634671555607632 access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=31536000 x-goog-stored-content-length 23591 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:02:42 GMT
GET H2	200	main.95059772c941.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/	87 KB 87 KB	36ms 15ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/main.95059772c941.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 95059772c941233ba4c998d4d0b06439c6cae8c638655ea177bcb87d2f38f163 Request headers Referer https://o.canada.com/ Origin https://o.canada.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:02:42 GMT age 1300 x-guploader-uploadid ADPycdscFLzueHUNUmN1NFsMv3qkSXgAShAxN0RedBJzp4e1X59mgXZloChMp5phNNPmbElipd-zqznJLxchyjEZw2g x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 88749 last-modified Tue, 19 Oct 2021 19:25:55 GMT server UploadServer etag "8bc861ce038628c6ea0b9f962c1d393e" x-goog-hash crc32c=n75NGg==, md5=i8hhzgOGKMbqC5+WLB05Pg== x-goog-generation 1634671555867161 access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control max-age=31536000 x-goog-stored-content-length 88749 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:02:42 GMT
GET DATA	200 OK	truncated /	256 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	34ms 8ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://o.canada.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 25 Oct 2021 17:27:37 GMT x-content-type-options nosniff age 136605 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 25 Oct 2022 17:27:37 GMT
GET H2	200	icon-generic-play.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common-icon/	1 KB 1 KB	11ms 8ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common-icon/icon-generic-play.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:20:34 GMT age 228 x-guploader-uploadid ADPycdsXPBbq7u8Nt6UvpZdRPOLB4L3t23PlSPUssuSFfnK6ynxGfXXqAObXvniBP1sphjRIteuiVKvvmlsxlbeIf3JLpgpQhQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1091 last-modified Tue, 19 Oct 2021 19:22:16 GMT server UploadServer etag "34ef0f992f9fa3f5a172353b887ba82c" x-goog-hash crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA== x-goog-generation 1634671336450498 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 1091 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:20:34 GMT
GET H2	200	ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 fonts.gstatic.com/s/robotocondensed/v19/	15 KB 15 KB	37ms 16ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://o.canada.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 17:36:08 GMT x-content-type-options nosniff age 481694 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15640 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:08:37 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 17:36:08 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	29ms 12ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://o.canada.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 17:36:17 GMT x-content-type-options nosniff age 481685 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 17:36:17 GMT
GET H2	200	xd.html Show response d395dw5zk780j2.cloudfront.net/v44.0/ Frame B4A7	167 B 508 B	59ms 15ms	Document text/html	52.222.158.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v44.0/xd.html Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.5 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-5.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 3302a8bfd17069e7544cda1e9d775cea2180a584e83c192e1b852f1e33c5e17c Request headers :method GET :authority d395dw5zk780j2.cloudfront.net :scheme https :path /v44.0/xd.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers content-type text/html content-length 167 date Tue, 19 Oct 2021 18:42:50 GMT last-modified Tue, 05 Oct 2021 14:03:02 GMT etag "488d765d893d2a9aadbfdbf34477050e" cache-control max-age=31536000 accept-ranges bytes server AmazonS3 x-cache Hit from cloudfront via 1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront) x-amz-cf-pop CDG52-P2 x-amz-cf-id bB7wSX84GpletjFZelnriPZFm6coJ_bRuLLcYQpE-vWt8jNZiK_grw== age 650493
GET H/1.1	200 OK	capture:login Show response widgets-cdn.rpxnow.com/manifest/	453 KB 109 KB	69ms 17ms	Script text/javascript	52.222.158.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets-cdn.rpxnow.com/manifest/capture:login Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.158.57 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-57.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash d852c8c4a4916c22d524936925de15f0b1a519f4b42ed5aed98b4b8fb8fdd41c Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 27 Oct 2021 01:18:04 GMT Content-Encoding gzip Last-Modified Thu, 18 Mar 2021 16:23:27 GMT Server AmazonS3 Age 21979 ETag "44315a90fa384deff5df790e9c20d8af" X-Cache Hit from cloudfront Content-Type text/javascript;charset=UTF-8 Via 1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront) Connection keep-alive X-Amz-Cf-Pop CDG52-P2 Content-Length 111565 X-Amz-Cf-Id v66N80foe8qLwZqq9fbMwnv_auoNccHKLGKs2wFsIU6ojhNYa2feJw==
GET H2	200	gtm.js Show response www.googletagmanager.com/	128 KB 41 KB	45ms 22ms	Script application/javascript	172.217.23.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f8.1e100.net Software Google Tag Manager / Resource Hash 8b739da9f9799f73c3c8672bf45be9c1079e2fb9d05eb498259a270676eea679 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 41727 x-xss-protection 0 last-modified Wed, 27 Oct 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 27 Oct 2021 07:24:22 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	62ms 16ms	Script application/javascript	52.222.158.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-71.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 02:42:35 GMT content-encoding gzip etag W/"1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 17696 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront) x-amz-cf-pop CDG52-P2 x-amz-cf-id thj6ZpvhE-gmWDSjVP4uFAd97qHIVG4pQZdXc77NMze8bVcwp_48kg==
GET H2	200	0d72f87b8ead81955870.js Show response d395dw5zk780j2.cloudfront.net/v44.0/chunks/	115 KB 20 KB	51ms 17ms	Script application/javascript	52.222.158.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v44.0/chunks/0d72f87b8ead81955870.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.5 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-5.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash aaea925a80c6ef47c14aa694995f84ff4a1fed27a226c5c08d8d8ab0c6454368 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 18:42:50 GMT content-encoding gzip last-modified Tue, 05 Oct 2021 14:03:04 GMT server AmazonS3 age 650493 etag W/"3209cc36a50fe39aaaa993d46b31f312" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG52-P2 x-amz-cf-id qxf0GR_BpFqGF5PkC3AJ8wyp0h3kqDs2NZpz_6BQVDBoThEFiuqW4Q==
GET H2	200	c96aea64f6cd722f4203.js Show response d395dw5zk780j2.cloudfront.net/v44.0/chunks/	12 KB 4 KB	52ms 19ms	Script application/javascript	52.222.158.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v44.0/chunks/c96aea64f6cd722f4203.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.5 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-5.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 8d0a6cf135e6b7bd0451df7fb312423a0bf22cae4441d4ce4aaddc05b93bb1bc Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 18:42:50 GMT content-encoding gzip last-modified Tue, 05 Oct 2021 14:03:04 GMT server AmazonS3 age 650493 etag W/"f19ca9fdb67f242c4eb0741a2a2ff443" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG52-P2 x-amz-cf-id _hX2dNMbIoD6N9z_jgWIkxQxZjMIAxKfe3LzzY8f2J5K0jCj464hYw==
GET H2	200	mparticle.js Show response jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/	503 KB 57 KB	34ms 8ms	Script application/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/mparticle.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 862844d5d3dfcc365229ea762aa181a41d30acd8402c7b18bc62b8e3a703ebef Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT via 1.1 varnish, 1.1 varnish age 1093 x-origin-name fastlyshield--shield_ssl_cache_dca17753_DCA x-cache HIT, HIT x-cache-hits 1, 1 content-encoding gzip content-length 58452 x-served-by cache-dca17753-DCA, cache-hhn4062-HHN server Kestrel x-timer S1635319463.913305,VS0,VE1 vary Accept, Accept-Encoding content-type application/javascript cache-control public, max-age=3600 accept-ranges bytes expires Wed, 27 Oct 2021 08:06:09 GMT
GET H2	200	uep04wp3s.js Show response cdn.krxd.net/controltag/	28 KB 7 KB	33ms 6ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/uep04wp3s.js Requested by Host: fem.prod.postmedia.digital URL: https://fem.prod.postmedia.digital/v44.0/fem.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 43094d3321730c01fcb17959b15272537d70ed6554559edef24882a524c3c5f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Wed, 27 Oct 2021 07:24:22 GMT via 1.1 varnish, 1.1 varnish age 1100 x-cache MISS, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 6318 x-served-by config-service-a002-ash-prod.krxd.net, cache-bwi5120-BWI, cache-hhn4025-HHN x-response-time 0 x-do-esi esi x-timer S1635319463.914971,VS0,VE1 etag "62e3300dcb8fbb80b2dc1dc4e5f4000c6b6ee5a2" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 1, 1
GET H3	200	pubads_impl_2021102001.js Show response securepubads.g.doubleclick.net/gpt/	357 KB 120 KB	40ms 25ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122914 x-xss-protection 0 last-modified Wed, 20 Oct 2021 08:35:40 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 27 Oct 2021 07:24:22 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	194 B 148 B	36ms 20ms	XHR application/json	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=o.canada.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash cbad311140316d06a02d6943f9a0c3f626c7dbb0ad912ddee8959ad3dc9a838c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 27 Oct 2021 07:24:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 123 x-xss-protection 0 expires Wed, 27 Oct 2021 07:24:22 GMT
GET H2	200	rid Show response match.adsrvr.org/track/	109 B 540 B	112ms 36ms	XHR application/json	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash c467b0f5582ccb8d81d647996c1d8b32cdaa16a2d73c4bc2503b8480fcf0f798 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://o.canada.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 109 expires Fri, 26 Nov 2021 07:24:22 GMT
GET H/1.1	204 No Content	any Show response idx.liadm.com/idex/ie/	0 433 B	411ms 98ms	XHR text/plain	52.86.156.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/ie/any Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.86.156.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-86-156-15.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Access-Control-Allow-Origin https://o.canada.com Date Wed, 27 Oct 2021 07:24:23 GMT Access-Control-Allow-Credentials true Connection keep-alive trace-id b76c205a57843562 Strict-Transport-Security max-age=31536000; includeSubDomains
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 307 B	29ms 28ms	XHR text/plain	52.222.163.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com%2F Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-163-173.cdg52.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 06:25:08 GMT via 1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront) server Server age 3554 x-cache Hit from cloudfront access-control-allow-origin https://o.canada.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop CDG52-P2 x-amz-cf-id bjie6w0nu-2Qet8FV78kmOw8qwlOIT-v9ckgDoC_wiXBxP6Vf8QuXA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	59ms 26ms	XHR application/javascript	52.222.163.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-163-173.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" x-amz-cf-pop CDG52-P2 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Thu, 07 Oct 2021 01:02:33 GMT server AmazonS3 date Wed, 27 Oct 2021 07:24:22 GMT vary Origin access-control-allow-methods GET content-type application/javascript via 1.1 d0229dbe69f77738f3ccab386a045ad8.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-id 1003oLUXrRjz_jbM5C_ZeFoAI6OYQdpIWsYdAqoUKvXcTghFWGTDRw==
GET H2	200	pub Show response pixel.adsafeprotected.com/services/	2 KB 2 KB	112ms 36ms	XHR application/json	99.81.129.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=be99c26c-e8b4-3b63-b459-d3fc1878033f&url=https%253A%252F%252Fo.canada.com%252F Requested by Host: cdn.adsafeprotected.com URL: https://cdn.adsafeprotected.com/iasPET.1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-129-224.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e1a5d633f70e10bd24c81ad182c8eddf7c141b1965b780a00c5210fdc95c68d9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-server-name app10.ie.303net.net content-type application/json;charset=UTF-8 access-control-allow-origin https://o.canada.com access-control-expose-headers X-Server-Name access-control-allow-credentials true timing-allow-origin * server nginx
GET H3	200	24555b886d441f0836e70.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	6 KB 6 KB	8ms 8ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/24555b886d441f0836e70.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash febe3a60524f82ca63b72018500e3fdf882272b8a8b3c1f02cba2fb9764b980b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdtHWjCofkG43tEsg72UeIG6EPY3ZepfSsU6j7C7ZBwP9n5aZiASg4K-oLR5njfCURW_-mmQx71YNJd4kjkYjtg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6562 last-modified Tue, 19 Oct 2021 19:24:21 GMT server UploadServer etag "65644b0855bd7352c7027e2fa4ae960f" x-goog-hash crc32c=nVj0pw==, md5=ZWRLCFW9c1LHAn4vpK6WDw== x-goog-generation 1634671461317074 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 6562 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	ec6e0b891d58fa36b87310.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	12 KB 12 KB	13ms 13ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/ec6e0b891d58fa36b87310.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 187e8fb924473af492f989754d410b1633cb24cc95b873bb967b3598107fbe18 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdsydSad4DQBvWkLMw3-8RCZe5ix22qdpOfP8W6NlNZCL7fS0-QIl0PFZavoZvycwKj3Yc82AJZsXhCprhFckRA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12527 last-modified Tue, 19 Oct 2021 19:24:48 GMT server UploadServer etag "87bd734e4d95bb428c40be2e79f65ec2" x-goog-hash crc32c=TX8itQ==, md5=h71zTk2Vu0KMQL4uefZewg== x-goog-generation 1634671488350489 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 12527 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	c90d65b4c8055d174b3819.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	11 KB 11 KB	10ms 9ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/c90d65b4c8055d174b3819.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 4a25daeb27ebc04a605aeda100e5e07957ee7f9afcaae8bfe19ce639ecaf90c1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdtVMUqk1frxPx1T9MYOCXBpdKCNaQfjU-NEUBoGX63QT14SKQLpk2JkMo5NeYdr-QEK0Qa_pH1AQRg6-_L-Jh8 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10944 last-modified Tue, 19 Oct 2021 19:23:52 GMT server UploadServer etag "20a95215ae0130dd2ab572e2f2813816" x-goog-hash crc32c=aTF18g==, md5=IKlSFa4BMN0qtXLi8oE4Fg== x-goog-generation 1634671432454343 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 10944 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	6fa04d618683542c541e11.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	11 KB 11 KB	9ms 9ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/6fa04d618683542c541e11.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash f26c7ebf7000948e3a41f1287819dab71f2d735a2e10decffaf64ad520e8bc8e Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdvqhfSYNH0OjKuTd90b04MDmbX3OqmrtHkEcyeBfDq3MiKsGu-fe_t9NsR3QbvG6NQpuyVczsuqPJ4QSg1_afU x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11287 last-modified Tue, 19 Oct 2021 19:24:42 GMT server UploadServer etag "175ef580c251c40f83fb8161bfba1351" x-goog-hash crc32c=jIXSng==, md5=F171gMJRxA+D+4Fhv7oTUQ== x-goog-generation 1634671482080180 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 11287 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	3d87c26106bce2a5f47a29.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	9 KB 9 KB	16ms 16ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/3d87c26106bce2a5f47a29.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash d40b19fa01c3e840a608160ea76e8ff5e7db1e7e449c74307434f7d258a531a7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:05:59 GMT age 1103 x-guploader-uploadid ADPycdtgVb2iNnF-icEuT2Cz2V5sf8qghAuKv40uMgDTQ6Lmgwv-i6kqyyl5AmBjKbAgObJFcriCkGB1vN8L0fhfJFA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9574 last-modified Tue, 19 Oct 2021 19:24:07 GMT server UploadServer etag "4e94ed38d291bcc93a5f6887043a7a6b" x-goog-hash crc32c=QtIq2w==, md5=TpTtONKRvMk6X2iHBDp6aw== x-goog-generation 1634671447869652 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 9574 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:05:59 GMT
GET H3	200	aaf859aa14482a829c876.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	20 KB 20 KB	13ms 13ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/aaf859aa14482a829c876.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 8e7f6037f905aa72af954a5409e8f378872fe48fe5d40384b969fa1a4d245456 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdsqYXsN0SElm6i4h9mAUxsagFuB7yLEsYK_YgVBYbLO4h9nzcR1eEcaj8c20EaR6pCXxpEfVh0BXRv_yAkzCyc x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20137 last-modified Tue, 19 Oct 2021 19:24:03 GMT server UploadServer etag "d3e24b34838d26a07581895a97640447" x-goog-hash crc32c=wb7CQA==, md5=0+JLNIONJqB1gYlal2QERw== x-goog-generation 1634671443258590 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 20137 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	e80937b8152b4059a2c77.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	9 KB 9 KB	19ms 19ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/e80937b8152b4059a2c77.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash e87f4a92374e4946c2ba26e732e4e95796175567f37e4c6eac99130fc66ea5dd Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdvTOrR-d7r6NeWFfPaMnR3pUTOyE8KlGjbYtUkBdkex0tjAzEox6PAife8JYQf48dRjV570zEqC2kYGd5UFShI x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9246 last-modified Tue, 19 Oct 2021 19:24:29 GMT server UploadServer etag "599a89a7ebabcff3be0616ad77e82673" x-goog-hash crc32c=xlapoA==, md5=WZqJp+urz/O+Bhatd+gmcw== x-goog-generation 1634671469439457 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 9246 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	137c904dc4a5a6e88c5412.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	38 KB 38 KB	16ms 16ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/137c904dc4a5a6e88c5412.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 24b6fa3a79ab39cd1a66f51c896754b549d3c5a7c7ba731f26da52a0ab635d75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:14:22 GMT age 600 x-guploader-uploadid ADPycduXXpAVQ77dNgWmNMpo1cwwOI53FgEP0xHwbRB-1hOqQ-GXkQRyLATpBTlib-SgMBQwTCm9xkvabgumbfwkZbCdwD1Zyg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38410 last-modified Tue, 19 Oct 2021 19:24:28 GMT server UploadServer etag "b321f33276745fea3dfe7873a1755624" x-goog-hash crc32c=U5Hc4Q==, md5=syHzMnZ0X+o9/nhzoXVWJA== x-goog-generation 1634671468590760 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 38410 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:14:22 GMT
GET H3	200	2baa5042d93a885321791.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	7 KB 7 KB	19ms 18ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/2baa5042d93a885321791.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 1a90c39458043676f4aa31ed5a64caecb6997fe8adbeb03bc6001240caa097ac Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdsrp4kaYprZZjcuEYv2-MZs9yyq2LmsJTeHax8qvga6RFYt_V_c6CTo6bMLQBSqYr1QhLFOJoCT-KPZgWzoQ4M x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6959 last-modified Tue, 19 Oct 2021 19:24:46 GMT server UploadServer etag "0f1c1fb9fad19c18aee821ec3df3bd86" x-goog-hash crc32c=R+E8Uw==, md5=DxwfufrRnBiu6CHsPfO9hg== x-goog-generation 1634671486889204 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 6959 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	812be33f07340d7a8fa44.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	15 KB 15 KB	19ms 17ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/812be33f07340d7a8fa44.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash dbf56e0fd79602892f3b222e736e002ef20a8edd08592b5e2bb873df403d31b8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdu_G6VQyahkDs7PwkR7NdndAvbPHnZ3DEsNZrSf3QqQHfB133PwM8Ma_IfA_DSTOi7677i93IRMq7wG_kzZJso x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15288 last-modified Tue, 19 Oct 2021 19:24:41 GMT server UploadServer etag "ebeb3f0940e59f561a82203632ee451f" x-goog-hash crc32c=dHR9Ig==, md5=6+s/CUDln1YagiA2Mu5FHw== x-goog-generation 1634671481139875 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 15288 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	ef84a2894953dd1b18c55.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	16 KB 16 KB	19ms 17ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/ef84a2894953dd1b18c55.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 6e8df4b3ff015737d7d5dd47b11638c55f3b630d7df625856374215c84ec1c12 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycdtUXMl_fV_TylwAQKZMmnfQ3ieeMD45Pi0bEu1kVXkdOmCaDzuyKkYt7Hb5Bpac4LSyV4maXsiN1WkdOrjDh9w x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16511 last-modified Tue, 19 Oct 2021 19:23:39 GMT server UploadServer etag "df4ee5d77251c07d309de63f1f4ef774" x-goog-hash crc32c=mCdeRg==, md5=307l13JRwH0wneY/H073dA== x-goog-generation 1634671419765118 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 16511 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H3	200	d55bc3e0118237b3986c9.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	13 KB 13 KB	21ms 19ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/d55bc3e0118237b3986c9.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 46f012479d067f8213452b40be43e8469a656cf227115f962a9c9d0de54a5ed8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:11:35 GMT age 767 x-guploader-uploadid ADPycdsQ-B_mw9gDcpbj6IGooJhGS9TWPVpLTuu6RD3YEt7x-Go9ZyxldNg772pVlSeZw7ZHmQ6b4ADYVQPVZoYtiaE x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13080 last-modified Tue, 19 Oct 2021 19:24:25 GMT server UploadServer etag "2b1dbf8422b1e9fa8491026a1c890cc2" x-goog-hash crc32c=EdYKAA==, md5=Kx2/hCKx6fqEkQJqHIkMwg== x-goog-generation 1634671465849574 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 13080 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:11:35 GMT
GET H3	200	83096866f8237e03800716.js Show response storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/	9 KB 9 KB	22ms 20ms	Script application/javascript	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/83096866f8237e03800716.js Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/CACHE/js/shared.53d6884c7500.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 70fcc32810c8b4d5b322f302b29091a6ccb065d93a3af9d1c309e198e7ebb406 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:03:12 GMT age 1270 x-guploader-uploadid ADPycduCJg4cshnCtZEDhMTlwv-eVnW_Fvnl0aQtufTmdE9tvTO7sZ39xcuoSn4u4QVoYJyeiZLmQqzBt15P6ENA-Os x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9233 last-modified Tue, 19 Oct 2021 19:23:05 GMT server UploadServer etag "9b937421933cda91a743d0330a996af6" x-goog-hash crc32c=3wrFYQ==, md5=m5N0IZM82pGnQ9AzCplq9g== x-goog-generation 1634671385455239 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 9233 accept-ranges bytes content-type application/javascript expires Thu, 27 Oct 2022 07:03:12 GMT
GET H2	200	Perce_RockClose-scaled.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/09/	20 KB 20 KB	23ms 18ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/09/Perce_RockClose-scaled.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash 5c04401375d97a31f5d01d532ce7a1b3d794105d8507545335300c31473c79ab Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Wed, 08 Sep 2021 14:13:04 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 4209079 etag "45af0bc2b5779f0ebf2e114889de9459d4c46651" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 90c50371b42e content-length 20542 x-amz-cf-id DNRIBFYKrTkmxazm1EidEET4R_8lUI-e0rTk82qm3mM77TsXk0Q44g== expires Thu, 08 Sep 2022 14:13:04 GMT
GET H2	200	LLA.jpg smartcdn.prod.postmedia.digital/nationalpost/wp-content/uploads/2020/09/	18 KB 19 KB	23ms 20ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/nationalpost/wp-content/uploads/2020/09/LLA.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash b20b00ae000f5b347e13e02e539ef587010e9920076231c6e59733978f70ec54 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Fri, 20 Aug 2021 12:09:08 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 5858115 etag "96c66fd8758faa1dfaa3a2a825916c1fd555edb3" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 644b1a4d5113 content-length 18614 x-amz-cf-id iKARamCg1xWBx4X9oJbS-sjlZwcGD69HZhuwE2zVZDZ0jUWrVUwH_A== expires Sat, 20 Aug 2022 12:09:08 GMT
GET H2	200	ottawa0052_77916294-w.jpg smartcdn.prod.postmedia.digital/ottawacitizen/wp-content/uploads/2021/04/	32 KB 33 KB	29ms 26ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/ottawacitizen/wp-content/uploads/2021/04/ottawa0052_77916294-w.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash 8bcf04990ac3b2ed0556bca5b27e0f022ac426c2e8afabe5e8ebc213da64f472 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester ottawacitizen date Mon, 04 Oct 2021 04:03:23 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 1999260 etag "c3ea867db05c48783441e9e4505796b7236e55e1" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 450f522927d9 content-length 33178 x-amz-cf-id MvF4VvcGkX3zDUbMdUq75d3msLU0LnZruKaI7svtc56pfye-IKyNvA== expires Tue, 04 Oct 2022 04:03:23 GMT
GET H2	200	Ruth_GananoqueAir-scaled-e1625773242505.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/07/	25 KB 26 KB	26ms 23ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/07/Ruth_GananoqueAir-scaled-e1625773242505.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash cd3c9edacfa30176ac54dfa638ac486dcf65cad5378eda975f29bdb497a31a24 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Tue, 13 Jul 2021 18:20:59 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 9119004 etag "705c81820fb1646a07e1654657414da2eb6ebeb2" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 1ea0f469594e content-length 25852 x-amz-cf-id YIVzWXFnLMDm02BQIdY6owRo2MgwxXvFK2O0dQz-S0POhn86aSuh8g== expires Wed, 13 Jul 2022 18:20:59 GMT
GET H2	200	GettyImages-455559316.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/	30 KB 30 KB	38ms 35ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/GettyImages-455559316.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash a55d6634d9c84eae616903ed35266f60838faa6f35d91ec6187f1838484df960 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Tue, 26 Oct 2021 20:50:46 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 38017 etag "9d7d721720ccf6af19ed1aab924f05657cb17835" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy d0d268915a32 content-length 30628 x-amz-cf-id zBq5uR1IWc6Rt5981WD4gwlygL7czhsuwgyDg2-85EqI26DBkqJzqw== expires Wed, 26 Oct 2022 20:50:46 GMT
GET H2	200	Halloween-Eyes-Square-scaled-e1635272826725.jpg smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/	26 KB 27 KB	36ms 33ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/torontosun/wp-content/uploads/2021/10/Halloween-Eyes-Square-scaled-e1635272826725.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash d2d258096f2fb5ef9e88c86dfecd06f0eba64f395c1e5a14fa415dff2910e6de Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Tue, 26 Oct 2021 18:49:41 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 45282 etag "cdc0ab943f0c358ed38286a4fdcca6214e0effaa" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy dae74363b8a5 content-length 27080 x-amz-cf-id v8Xd4NtvCO3N7xuGPeZb6cYGEG_-wxXlNEgzHlrcHc2Mf6K055GRGw== expires Wed, 26 Oct 2022 18:49:41 GMT
GET H2	200	265254415-1030_feat_vegan_cookbook_noodles-w.jpg smartcdn.prod.postmedia.digital/vancouversun/wp-content/uploads/2021/10/	32 KB 32 KB	44ms 42ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/vancouversun/wp-content/uploads/2021/10/265254415-1030_feat_vegan_cookbook_noodles-w.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash e25a537b805cc189cc750d96a0b60cd6ccd902b6c5153478dfcd73a5d5c43096 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester vancouversun date Tue, 26 Oct 2021 18:12:07 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 47536 etag "08f637ec142a8c26349822511cd2588e858dfb68" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 7489d883520f content-length 32680 x-amz-cf-id _udqEWzBJaSygJ0kKmmKMwhAIfDZIcnsDVbi37zQSuCxkZtBQXiNmQ== expires Wed, 26 Oct 2022 18:12:07 GMT
GET H2	200	1028-stainsby-2_265297327-w.jpg smartcdn.prod.postmedia.digital/vancouversun/wp-content/uploads/2021/10/	14 KB 14 KB	36ms 34ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/vancouversun/wp-content/uploads/2021/10/1028-stainsby-2_265297327-w.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash df80e4eb0f9584d0ba17991550e4cd2af66ccf68c1f59b2fd99d050c2146654e Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester vancouversun date Tue, 26 Oct 2021 18:14:18 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 47405 etag "686f1addb4681841641f9565ec3481a67f7c31db" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 7489d883520f content-length 14166 x-amz-cf-id -yjBvuBZFZS8PuLbgsUJ2-AtbKkc8flpWe03Dzl6mONSIFfRGbnLsg== expires Wed, 26 Oct 2022 18:14:18 GMT
GET H2	200	1-holmes-pic.jpg smartcdn.prod.postmedia.digital/nationalpost/wp-content/uploads/2021/10/	15 KB 16 KB	35ms 32ms	Image image/webp	52.222.158.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.prod.postmedia.digital/nationalpost/wp-content/uploads/2021/10/1-holmes-pic.jpg?quality=90&strip=all&w=344&type=webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-112.cdg52.r.cloudfront.net Software nginx/1.19.10 / Resource Hash f00284a979e5c5001dc48db67c02be8eb043cd720f1567e161aa5e8ef538ff41 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-pmd-smartcdn-requester nationalpost date Tue, 26 Oct 2021 16:33:02 GMT via 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront) server nginx/1.19.10 age 53481 etag "b8b8392879e9876053406833a45f7d72eb94690a" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31536000,public x-amz-cf-pop CDG52-P2 x-pmd-smart-cdn-proxy 7489d883520f content-length 15744 x-amz-cf-id BOUkSLCl-tl_5yb5SVzn6b4Z2YUjJrjXU9CC3JK16pQg3_xMC5V-7w== expires Wed, 26 Oct 2022 16:33:02 GMT
GET H/1.1	200 OK	sso.js Show response d1v9u0bgi1uimx.cloudfront.net/	28 KB 29 KB	65ms 18ms	Script application/javascript	52.222.149.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1v9u0bgi1uimx.cloudfront.net/sso.js Requested by Host: widgets-cdn.rpxnow.com URL: https://widgets-cdn.rpxnow.com/manifest/capture:login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.149.61 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-149-61.cdg52.r.cloudfront.net Software Apache-Coyote/1.1 / Resource Hash 2cdf80963bd339576cd2fa41ab42c93baa3499810a07f243cced7eb84d19aa6f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 26 Oct 2021 11:28:36 GMT Via 1.1 59217f0941f089caa7fbc6da584e0d2f.cloudfront.net (CloudFront) X-Content-Type-Options nosniff Age 71957 X-Cache Hit from cloudfront P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Connection keep-alive X-SSO-Instance SSO1-sso-3.5.0+216 Content-Length 29010 Last-Modified Tue, 16 Apr 2019 19:03:14 GMT Server Apache-Coyote/1.1 ETag W/"29010-1555441394000" Content-Type application/javascript EC2-instance-id i-0c72b9f20d46c1f57 X-Amz-Cf-Pop CDG52-P1 Accept-Ranges bytes X-Amz-Cf-Id 3up9QrMEnHzyTgWIHL4U-lPhGHFNWHSGytahzJaTipNa96HInKc1QA==
GET H2	200	providers.css quilt-cdn.janrain.com/HEAD/	123 KB 9 KB	56ms 7ms	Stylesheet text/css	2.16.186.144 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://quilt-cdn.janrain.com/HEAD/providers.css Requested by Host: widgets-cdn.rpxnow.com URL: https://widgets-cdn.rpxnow.com/manifest/capture:login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.144 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-144.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash cbf82bc71e89c822b11480a6c7ad144d8f4a43b8395afd5c2b81608859c55aa5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Wed, 27 Oct 2021 07:24:23 GMT content-encoding gzip last-modified Mon, 27 Sep 2021 18:12:27 GMT server AmazonS3 x-amz-request-id NGAPFY6PKMB0K7BV etag "123d2909bf54e24c0050abf1148b1fce" vary Accept-Encoding content-type text/css cache-control public, max-age=29004464 accept-ranges bytes content-length 8619 x-amz-id-2 1WlngE80Rtf/4ruTj26BP8C0rYk2oatOY2/515E3J5mlI6HDQPFGWJZriKP3PdidTldZSukELe0= expires Wed, 28 Sep 2022 00:12:07 GMT
GET H2	200	xd.js Show response d395dw5zk780j2.cloudfront.net/v44.0/ Frame B4A7	36 KB 12 KB	17ms 16ms	Script application/javascript	52.222.158.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d395dw5zk780j2.cloudfront.net/v44.0/xd.js Requested by Host: d395dw5zk780j2.cloudfront.net URL: https://d395dw5zk780j2.cloudfront.net/v44.0/xd.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.158.5 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-158-5.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash c83994d77304263bb739d6666ddeb6f6ddc992229a5d6bee392165ee8d13c940 Request headers Accept-Language de-DE,de;q=0.9 Referer https://d395dw5zk780j2.cloudfront.net/v44.0/xd.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 19 Oct 2021 18:42:53 GMT content-encoding gzip last-modified Tue, 05 Oct 2021 14:03:02 GMT server AmazonS3 age 650491 etag W/"fabc490f585d61e261218f7644ecaf72" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG52-P2 x-amz-cf-id GcLBoWQMlObFs021CMRK3UBMG-_t1P_fJUCheM0VOb9VhucgVT0DoA==
GET H3	200	logo-identity-canada.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/identity/	8 KB 8 KB	104ms 104ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/identity/logo-identity-canada.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash 45b7392266cbe8a7c3c6f68ef87c5a80a37867b622b538c1fcf1575d907be1c6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT age 0 x-guploader-uploadid ADPycdvG-Z3Nt4Nxj8VnZAdXSL8Tn7xeFga2jDQF5WBUGSrBBXuaMPUF_aZUerj7Wbh2E72MipPm7jPDskjZTGItj93CBEJq_w x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7913 last-modified Tue, 19 Oct 2021 19:21:09 GMT server UploadServer etag "5d4dbced8fe7f1317a835767ecc45cc9" x-goog-hash crc32c=O4WVOQ==, md5=XU287Y/n8TF6g1dn7MRcyQ== x-goog-generation 1634671269233044 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 7913 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:24:23 GMT
GET H2	200	controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response cdn.krxd.net/ctjs/	259 KB 83 KB	6ms 6ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/uep04wp3s.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Wed, 27 Oct 2021 07:24:23 GMT content-encoding gzip age 2360227 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 2849880 content-length 84509 x-served-by cache-hhn4025-HHN last-modified Mon, 02 Aug 2021 12:06:17 GMT x-timer S1635319463.071429,VS0,VE0 etag "a1705c5ac5f06cf0c202ff70908fc042" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Thu, 31 Jul 2031 12:06:16 GMT
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	38ms 6ms	Preflight	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-mp-key Origin https://o.canada.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers server Kestrel access-control-allow-headers content-type,x-mp-key access-control-allow-methods POST access-control-allow-origin * x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin accept-ranges bytes date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish age 514 x-served-by cache-hhn4057-HHN x-cache HIT x-cache-hits 93 x-timer S1635319463.149176,VS0,VE0 strict-transport-security max-age=900
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	33ms 8ms	Script text/javascript	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/mparticle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 26 Oct 2021 23:24:02 GMT server Golfe2 age 4997 date Wed, 27 Oct 2021 06:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 19747 expires Wed, 27 Oct 2021 08:01:06 GMT
POST H2	200	identify Show response identity.mparticle.com/v1/	175 B 279 B	111ms 110ms	XHR application/json	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 3eac2c96150be55edea2061c668244cd7e50d651509de5a53ba5cef7effe7d52 Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key cd4afed6a2719d439af431746c942e3c Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers date Wed, 27 Oct 2021 07:24:23 GMT content-encoding gzip server Kestrel x-timer S1635319463.155785,VS0,VE105 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-hhn4057-HHN vary Accept-Encoding x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * strict-transport-security max-age=900 accept-ranges bytes via 1.1 varnish x-cache-hits 0
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	64 B 530 B	52ms 51ms	XHR text/javascript	52.222.163.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fo.canada.com%2F&pid=7mkgjpb6XP9L7&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-163-173.cdg52.r.cloudfront.net Software Server / Resource Hash d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront) server Server x-amz-cf-pop CDG52-P2 x-amz-rid R20AN2B6V3ZPRC4GNECP vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 64 x-amz-cf-id Nc8sYDgUiidAmFN7gwW6Qi4CqI8eRh5NmLdMckjAfRkBZj6MWWbzew==
GET H2	200	cygnus Show response htlb.casalemedia.com/	78 B 370 B	167ms 139ms	XHR text/javascript	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?v=7.2&s=307796&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2248584240%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fo.canada.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2233%22%2C%22siteID%22%3A%22573947%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2234%22%2C%22siteID%22%3A%22573941%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2235%22%2C%22siteID%22%3A%22573937%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2229%22%2C%22siteID%22%3A%22573942%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2230%22%2C%22siteID%22%3A%22573948%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2231%22%2C%22siteID%22%3A%22573945%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2225%22%2C%22siteID%22%3A%22573946%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2226%22%2C%22siteID%22%3A%22573950%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2227%22%2C%22siteID%22%3A%22573944%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2221%22%2C%22siteID%22%3A%22573933%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2222%22%2C%22siteID%22%3A%22573934%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22573939%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2217%22%2C%22siteID%22%3A%22573929%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2218%22%2C%22siteID%22%3A%22573919%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2219%22%2C%22siteID%22%3A%22573932%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22573920%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22573917%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2215%22%2C%22siteID%22%3A%22573921%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22573925%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22573927%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22573923%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22573935%22%7D%7D%5D%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22573914%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22573930%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22573922%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22573915%22%7D%7D%5D%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22573918%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22573924%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22573926%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22573916%22%7D%7D%5D%7D%2C%22id%22%3A%229%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224222e4f9-9ea9-4d2f-857c-ce3b75e14de7%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-10-27T07%3A24%3A22%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b0e03d89791548669f7f5e5ea06c7cb3bda5edbc24980dae623c3ca48dd5f185 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:23 GMT x-ak-initial-geo CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.43], XFF:[] server Apache content-type text/javascript access-control-allow-origin https://o.canada.com x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 78 x-ak-client-geo 12 expires Wed, 27 Oct 2021 07:24:23 GMT
POST H2	204	cdb Show response bidder.criteo.com/	0 185 B	51ms 18ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=114&profileId=154&cb=94871785807 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin https://o.canada.com date Wed, 27 Oct 2021 07:24:22 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	72ms 32ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c82c801f6&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 959489da84924c4b66bfc501eeab90fc7d37eaa86c1f5b3119db00f5a68ab52f Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	61ms 22ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c857001f8&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash cfd13ab58027cca5ec17c2a6fcf331b3d547a861e1d5776bcb7b66825b1c5f58 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	60ms 21ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c841201f7&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash d8dd0029f751ac47c43198ad477ea838c12fa81da3aea0e2184432f8e8c91ab8 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	60ms 22ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c817101f5&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 1c48d423c62d4876c14eb0e6d3cb1d436faebd8f78620ad6f0923a01a2c7d670 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	65ms 27ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c802601f4&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 7602c2b31f0a9898d4efcdf8fc01196a5a11ba1d7f6a9de2bfeb4dfe924495ee Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 289 B	59ms 21ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7d9301f2&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash cf0cafb6b645650de640e28c774ec22e99ef3d4e261f0148eb1f147d0bcac9e9 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	154ms 116ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7c4f01f1&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 87ba558c74a4850645334df23edbafbc51ad9f90c80720176fe4473bb38afaeb Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	70ms 32ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7ed101f3&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash a394bee4826e11f98977caab3b037deaee4cb20230083801a7afc58de0a1f3df Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	68ms 31ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c772401ed&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 56ed4ab8ef643e47fb54270e06c7fab32b6f9dd2c2eab86af7c538c972e03875 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	66ms 30ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c787001ee&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash e09c3ea9f65fe722d5abe9afe45a483f6d766087ddf88c4f07176100bf1c2211 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	66ms 30ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7b0401f0&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 4498a35d19172391c64774bbb457aaedd809ad30c9d6f89b09132383f53a1e58 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	57ms 21ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c79ae01ef&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash fc1bc27d29bcfc63ada1d2f50210f21277ef872f1368514c73970deccab2f9f6 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	65ms 29ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c745e01eb&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash c6d4f7a4952ae3f92ead4a01b8f90a7e4e56c04e761351dae184a40c4e2da971 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	152ms 116ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c75e501ec&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 7fe7acfab4b084af3baff33e0341a17401e30b6d6f2d00c4f19caea38892f6f9 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	63ms 27ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c716101e9&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 22d3a4bf5bfe862c09416d008f8a6e29a8f8038d5af067d760dda885166c4ffc Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	71ms 35ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c72a101ea&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 827c2f711bbf592c387dc16f02cd83c09f32b2db63d21008c83528c1bfe5dd98 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	64ms 29ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6dbf01e6&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash c46ce91934786effae2d035146aaa1e4a62def8672ab1ca5d9cedaa7a3fac184 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	69ms 33ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6eee01e7&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 5f1d1d97f823205e00213c6de30d4ca6c61772b7afa87466c6ce06f6158d6c97 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	68ms 33ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c702e01e8&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 9e4587e84eb5fe0e39fa3e403a978bcd15f671e92dd32fa4dfd7184091bcfa43 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	65ms 29ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6c8b01e5&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 5e67a214c1ca5b11339a3bab6b88b0953875538342c6a9d231b8db3a50e0fe3e Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	67ms 32ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6b4d01e4&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 570b230bdf785579414f78aa69dd6fee9da432104ddf00dde6ce63dce86f0928 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	68ms 33ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c67bb01e1&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash a9a7f7c47e3668a68184bb400d96871a0ea494106c8c4ca52913bbbc804e65f8 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	62ms 28ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6a1801e3&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 12c625ffbc3d80904fff07e94ebc9db05ab3b3a88a4d1a5a27b3eca6b5dc8cc9 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	62ms 27ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c68e801e2&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash ac2e0018f220fefb2e70ca04c35117a2639b2d3abb870ab18e3ad23abd51e792 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	63ms 28ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c630201dd&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 3632514eb422705080e662115735fdaf1523e0353437a164a6fc0de1eab631cd Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	157ms 123ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c668c01e0&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 13fec891ec7a6e42e87b442d39a8670fefbba6f73266b8311372944273e5fc5e Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	68ms 34ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c642901de&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 090063ad215b6f017cf8c6adae092185e0b6428b29322c3cb0b5beec70f5fb7c Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	69ms 35ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c655601df&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash a06698658bb99607476e653190e594d217ee86943636fe96321ce2d2f7158591 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	68ms 34ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c5ddc01d9&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash ab444bc45c10a2463d796b8934513bb20c72b9fa3f86767cc1b52f5264890928 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	67ms 33ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c5efb01da&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 9fa188904c6df89b6c918c88fa4be07b72121847ab535266a83c9081b675588e Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	64ms 31ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c61c301dc&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 6ca30dcbeca6b11b79537892c56729ec1ab43fc845dede75cd97a35f0001db9a Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	62ms 28ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c601d01db&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash b647406e636af066b23e9c8af1349700d38ae0d6fc764b194411888d07a2f3bd Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	65ms 31ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c406101be&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 2d3f1d13f86d48473caab1fa581d71a5a9ddf8a873e03d7e937059e30879aa5b Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	64ms 30ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c415901bf&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash b8aec988122b042ad93bd9858c85a8b5670cbee4c008f5cf518941abddca5b8a Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	155ms 122ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c3f5701bd&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash 7623d6582ab50959bf3beffe62caaad6a4574112cb42c3280bc93c1ab1ab3473 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 92 B	154ms 121ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c425401c0&secure=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/9.1.0.33 / Resource Hash c6b15adbdad2fa3829eead28e8667959deddf1de3c862be45c4f5e6709f2e889 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT server ATS/9.1.0.33 age 0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods POST,GET,HEAD,OPTIONS content-type application/json;charset=utf-8 access-control-allow-origin https://o.canada.com access-control-allow-credentials true content-length 62
GET H2	200	arj Show response postmedia-d.openx.net/w/1.0/ Redirect Chain https://postmedia-d.openx.net/w/1.0/arj?auid=542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x... https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7...	233 B 505 B	688ms 687ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fo.canada.com%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bDOiHzhN&cache=1635319463255&ttduuid=4222e4f9-9ea9-4d2f-857c-ce3b75e14de7 Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 9bdb18d6be53574b175e4d2bc988faf1a46ab4b5859b00610aa1a2f8ef15903a Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip server OXGW/16.217.1 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://o.canada.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 218 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 google server OXGW/16.217.1 location https://postmedia-d.openx.net/w/1.0/arj?cc=1&auid=542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fo.canada.com%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bDOiHzhN&cache=1635319463255&ttduuid=4222e4f9-9ea9-4d2f-857c-ce3b75e14de7 p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://o.canada.com access-control-allow-credentials true alt-svc clear content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	12 KB 7 KB	193ms 178ms	XHR application/json	37.252.172.36 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.36 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash dd575bccff6d4d1006fc1d5dfc287e25fadde9ea8d5cc900fb0a22a97bf7c24a Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Wed, 27 Oct 2021 07:24:23 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 216.131.114.43; 216.131.114.43; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid d5e52275-3fe5-43f3-84d3-8b81ed54950e Server nginx/1.17.9 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://o.canada.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response o.canada.com/api-root/media/videos/playlists/PLqRRaOIZ10cUeyt6CGmpOe1s3VcygGMEY/player/json/	9 KB 9 KB	99ms 99ms	Fetch application/json	34.107.199.243 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o.canada.com/api-root/media/videos/playlists/PLqRRaOIZ10cUeyt6CGmpOe1s3VcygGMEY/player/json/ Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/3d87c26106bce2a5f47a29.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.199.243 , United States, ASN15169 (GOOGLE, US), Reverse DNS 243.199.107.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 595c5f01946d32dfe7bce06ff78e25dccb08a4915198a8c3e85c20e060379e7b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :path /api-root/media/videos/playlists/PLqRRaOIZ10cUeyt6CGmpOe1s3VcygGMEY/player/json/ pragma no-cache cookie x-id={"data":{"id":"qups7daopoz2cnzcqmiahohx8bblyonm","updated":1635319462858},"exp":604800000,"ts":1635319462883,"mac":-1196071233}; mprtcl-v4_CF49E3A7={'gs':{'ie':1|'dt':'cd4afed6a2719d439af431746c942e3c'|'av':'1.0.0'|'cgid':'3a43a8c7-2796-4123-875e-d949c1a88767'|'das':'36cf6743-8160-4c25-a084-0eeaecb8b10c'}|'l':0}; __adblocker=false accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority o.canada.com referer https://o.canada.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 google allow GET, HEAD, OPTIONS last-modified Wednesday, 27-Oct-2021 07:24:23 GMT server nginx/1.19.10 x-frame-options SAMEORIGIN x-pmd-backend cheetah-nginx pmd-nginx-proxy-54cc578c87-tzmzj vary Accept-Encoding Accept, Cookie, Origin content-type application/json cache-control max-age=900 no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 alt-svc clear content-length 8748 expires Wed, 27 Oct 2021 07:27:49 GMT
GET H2	200	proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response cdn.krxd.net/partnerjs/xdi/ Frame 2CF6	805 B 826 B	12ms 12ms	Document text/html	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9 Request headers :method GET :authority cdn.krxd.net :scheme https :path /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers last-modified Tue, 21 Feb 2017 17:50:54 GMT etag "3d2100fd7107262ecb55ce6847f01fa5" cache-control public, max-age=315360000 expires Fri, 19 Feb 2027 17:50:50 GMT content-type text/html x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3 content-encoding gzip accept-ranges bytes date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish age 2877423 x-served-by cache-hhn4025-HHN x-cache HIT x-cache-hits 758768 x-timer S1635319463.280365,VS0,VE0 vary Accept-Encoding p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" content-length 525
GET H/1.1	200 OK	flow.js:ztcpr5854s8kyh93khrgw44sv9:en-US:HEAD:standard Show response d1lqe9temigv1p.cloudfront.net/widget_data/	36 KB 8 KB	196ms 154ms	Script text/javascript	52.222.149.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1lqe9temigv1p.cloudfront.net/widget_data/flow.js:ztcpr5854s8kyh93khrgw44sv9:en-US:HEAD:standard Requested by Host: widgets-cdn.rpxnow.com URL: https://widgets-cdn.rpxnow.com/manifest/capture:login Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.149.72 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-149-72.cdg52.r.cloudfront.net Software AmazonS3 / Resource Hash bab05e352c21048ba5634365c3cfbaa21b405364b0b051ad763f824e6ee63624 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 27 Oct 2021 07:24:24 GMT Content-Encoding gzip Last-Modified Tue, 02 Feb 2021 14:30:46 GMT Server AmazonS3 X-Amz-Cf-Pop CDG52-P1 ETag "fbefee44935aec5f0a4ffda5021cf7d3" X-Cache RefreshHit from cloudfront Content-Type text/javascript; charset=utf-8 Via 1.1 873d6434b45dab39b9f50a4f2cbd92f7.cloudfront.net (CloudFront) Cache-Control max-age=300 Connection keep-alive Content-Length 8026 X-Amz-Cf-Id 1cRj7ncQWnUnAPY16KBfR-vLYQmL7F4wHs3irs-4RVe6t5B134-w4g==
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	3 B 429 B	59ms 22ms	XHR application/json	142.250.74.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f14.1e100.net Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Wed, 27 Oct 2021 07:24:23 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://o.canada.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	9ms 9ms	Preflight	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-mp-key Origin https://o.canada.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers server Kestrel access-control-allow-headers content-type,x-mp-key access-control-allow-methods POST access-control-allow-origin * x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin accept-ranges bytes date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish age 514 x-served-by cache-hhn4057-HHN x-cache HIT x-cache-hits 95 x-timer S1635319463.355331,VS0,VE0 strict-transport-security max-age=900
POST H2	200	identify Show response identity.mparticle.com/v1/	175 B 220 B	102ms 102ms	XHR application/json	151.101.66.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 3eac2c96150be55edea2061c668244cd7e50d651509de5a53ba5cef7effe7d52 Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key cd4afed6a2719d439af431746c942e3c Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers date Wed, 27 Oct 2021 07:24:23 GMT content-encoding gzip server Kestrel x-timer S1635319463.361773,VS0,VE96 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-hhn4057-HHN vary Accept-Encoding x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * strict-transport-security max-age=900 accept-ranges bytes via 1.1 varnish x-cache-hits 0
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/cd4afed6a2719d439af431746c942e3c/	0 197 B	42ms 18ms	XHR text/plain	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/cd4afed6a2719d439af431746c942e3c/Forwarding Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish server Kestrel x-timer S1635319463.387325,VS0,VE3 x-served-by cache-hhn4030-HHN x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	204	/ cookiesync.mparticle.com/v1/sync/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2 https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2&google_tc= https://cookiesync.mparticle.com/v1/sync/?id=CAESEKCNOcKD4OgxZ4LVX9A85-Y&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2&google_cver=1	0 186 B	396ms 366ms	Image text/plain	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cookiesync.mparticle.com/v1/sync/?id=CAESEKCNOcKD4OgxZ4LVX9A85-Y&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2&google_cver=1 Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish server Kestrel x-timer S1635319464.573517,VS0,VE360 x-origin-name 6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin x-cache MISS x-cache-hits 0 accept-ranges bytes x-served-by cache-hhn4065-HHN Redirect headers pragma no-cache date Wed, 27 Oct 2021 07:24:23 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cookiesync.mparticle.com/v1/sync/?id=CAESEKCNOcKD4OgxZ4LVX9A85-Y&MPID=1896553012421377959&esid=29183&Key=cd4afed6a2719d439af431746c942e3c&env=2&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 382 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	28ms 14ms	XHR text/plain	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1556724397&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAQCAC~&jid=1938447905&gjid=41492314&cid=1056215529.1635319463&tid=UA-138335866-21&_gid=891833363.1635319463&_r=1&gtm=2wgak0WC74WBX&z=1578111032 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	22ms 13ms	XHR text/plain	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1556724397&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEHAAEABAAQCAC~&jid=838158281&gjid=1154133154&cid=1056215529.1635319463&tid=UA-24419597-3&_gid=891833363.1635319463&_r=1&_slc=1&cd1=index&cd5=index&cd7=HTML&cd13=https%3A%2F%2Fo.canada.com%2F&cd19=false&cd27=false&cd28=Cheetah&cd91=true&cd92=index&cd93=https%3A%2F%2Fo.canada.com%2F&cd129=false&cd150=canada.com&cd152=1896553012421377959&cd186=canada&cd188=0BCF26A7-0EA1-4B2C-8CDF-7D1A28C964D9&cd194=o.canada.com&z=397052269 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	42fb57ac-2013-45a6-8dad-332d53e17c1b Show response consumer.krxd.net/consent/get/	237 B 428 B	51ms 32ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 98d6f6bbd06e3e09e464f94db0718f1d8a306cb0db5af0b335b921f6a52e27bb Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish age 0 x-served-by consumer-a006-dub-prod.krxd.net, cache-hhn4071-HHN vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1635319463.478453,VS0,VE26 content-length 189 x-cache-hits 0, 0
POST H2	204	events bidder.criteo.com/csm/	0 185 B	16ms 16ms	Ping text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://o.canada.com date Wed, 27 Oct 2021 07:24:22 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H2	200	mqdefault.webp i.ytimg.com/vi_webp/vJpCbQon4CM/	9 KB 9 KB	45ms 19ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/vJpCbQon4CM/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash e6ca51df7da4d07747c8d9e0faf17e336beb2bd7e315df05420059307cb0a45c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 8814 x-xss-protection 0 server sffe etag "1551210347" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H2	200	mqdefault.webp i.ytimg.com/vi_webp/HF_km-jkFyA/	17 KB 18 KB	52ms 26ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/HF_km-jkFyA/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash 7f995ac246c6a60afb09474b229a9da4dfa465aeaa83f9b86559bbb570b0c110 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 17852 x-xss-protection 0 server sffe etag "1548089195" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H2	200	mqdefault.webp i.ytimg.com/vi_webp/gP5CocYB_TI/	21 KB 21 KB	46ms 20ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/gP5CocYB_TI/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash ac582af031c6dd527704f0c2f088678526d2186255349f1164ab2ade226f6581 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 21570 x-xss-protection 0 server sffe etag "1543860255" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H2	200	mqdefault.webp i.ytimg.com/vi_webp/xq-qQod3xuQ/	10 KB 10 KB	54ms 29ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/xq-qQod3xuQ/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash 60e4174c269ec8fd4275f74316145613143c2c6ccb0e34c7275117629d39f4b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 10460 x-xss-protection 0 server sffe etag "1543857660" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H2	200	mqdefault.webp i.ytimg.com/vi_webp/y3_ppwJ-v3A/	11 KB 11 KB	56ms 30ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/y3_ppwJ-v3A/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash 8fbb160f964f35aef15b909244e64cddac01af586c8fbf8dd8e999a39f5f5ed1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 11532 x-xss-protection 0 server sffe etag "0" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H2	200	mqdefault.webp i.ytimg.com/vi_webp/NhhlM-43UaU/	16 KB 17 KB	57ms 31ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/NhhlM-43UaU/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash e52dfb661f4445fab78f5928555f9c41de85efa15a44ffc707e970ae31aef234 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 16880 x-xss-protection 0 server sffe etag "0" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H3	200	mqdefault.webp i.ytimg.com/vi_webp/OM6FCb2TGx4/	19 KB 19 KB	41ms 26ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/OM6FCb2TGx4/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash 2d04d04ad029e4b0315df2cc132ab8c0ca8de5961b90718bcb754cd1ef7f2339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 19004 x-xss-protection 0 server sffe etag "1421256852" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H3	200	mqdefault.webp i.ytimg.com/vi_webp/SiHSIzAmybc/	14 KB 14 KB	35ms 19ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/SiHSIzAmybc/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash dbbf3863b97c0762bee2c480a27192a60609fc86e34f3d54db78ec79114927bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14424 x-xss-protection 0 server sffe etag "1426971821" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H3	200	mqdefault.webp i.ytimg.com/vi_webp/dbdj3CmgjdU/	18 KB 18 KB	47ms 32ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/dbdj3CmgjdU/mqdefault.webp Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash 41c9df050447d266e49cd596197f886cba71eefbf20e5e757b8e20ea4a69fa8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 18020 x-xss-protection 0 server sffe etag "1558453291" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 09:24:23 GMT
GET H2	200	uep04wp3s.js Show response cdn.krxd.net/controltag/ Frame 2CF6	28 KB 7 KB	7ms 7ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/uep04wp3s.js Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 43094d3321730c01fcb17959b15272537d70ed6554559edef24882a524c3c5f7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish, 1.1 varnish age 1101 x-cache MISS, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 6318 x-served-by config-service-a002-ash-prod.krxd.net, cache-bwi5120-BWI, cache-hhn4025-HHN x-response-time 0 x-do-esi esi x-timer S1635319464.537852,VS0,VE0 etag "62e3300dcb8fbb80b2dc1dc4e5f4000c6b6ee5a2" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 1, 2
GET H3	200	icon-yt-play.svg storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common-icon/	441 B 475 B	10ms 9ms	Image image/svg+xml	142.250.186.80 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/images/common-icon/icon-yt-play.svg Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.80 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f16.1e100.net Software UploadServer / Resource Hash fd583bd394cf970e462e11c2855609a468859ce761c8c3b6bc93dc90e93923cf Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:08:52 GMT age 931 x-guploader-uploadid ADPycds_8eFjgidMJOWBBkcDGXa5Mkh_GcvFSWCd6DFv6FlIYPJX3UQAcLt-eKHeLf4kEpcJV_07xw1wcznaDyBMesPa9SD6Zg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 441 last-modified Tue, 19 Oct 2021 19:22:19 GMT server UploadServer etag "7533689acda9106d7cef8147baac58bd" x-goog-hash crc32c=896i7g==, md5=dTNoms2pEG1874FHuqxYvQ== x-goog-generation 1634671339928201 access-control-allow-origin * cache-control max-age=31536000 x-goog-stored-content-length 441 accept-ranges bytes content-type image/svg+xml expires Thu, 27 Oct 2022 07:08:52 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 408 B	45ms 14ms	XHR text/plain	74.125.133.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-24419597-3&cid=1056215529.1635319463&jid=838158281&gjid=1154133154&_gid=891833363.1635319463&_u=aEHAAEABAAQCAC~&z=172248831 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f154.1e100.net Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 27 Oct 2021 07:24:23 GMT content-type text/plain access-control-allow-origin https://o.canada.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	iframe_api Show response www.youtube.com/	980 B 1 KB	35ms 31ms	Script text/javascript	142.250.74.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/pmd-stage-northamerica-northeast1-dcs-static-files/8.2.5/websites/js/6fa04d618683542c541e11.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f14.1e100.net Software ESF / Resource Hash 9d045e6d0547a4b0f71a95029d68ba555fd2cb72ede4cf982c65eed12822635d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* cross-origin-opener-policy-report-only same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA" expires Wed, 27 Oct 2021 07:24:23 GMT
GET H2	200	server.html Show response postmedia.us.janrainsso.com/static/ Frame EC79	4 KB 2 KB	55ms 8ms	Document text/html	104.109.66.244 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://postmedia.us.janrainsso.com/static/server.html Requested by Host: d1v9u0bgi1uimx.cloudfront.net URL: https://d1v9u0bgi1uimx.cloudfront.net/sso.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.66.244 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-66-244.deploy.static.akamaitechnologies.com Software Apache-Coyote/1.1 / Resource Hash ad30fc772afe5ab92c1ee3fae4c2b4378baa49cb22f7456d0d42712590794435 Security Headers Name Value X-Content-Type-Options nosniff nosniff Request headers :method GET :authority postmedia.us.janrainsso.com :scheme https :path /static/server.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers content-type text/html server Apache-Coyote/1.1 x-sso-instance SSO1-sso-3.5.0+216 ec2-instance-id i-0805158b042c068ac i-0805158b042c068ac x-content-type-options nosniff nosniff p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" accept-ranges bytes etag W/"4536-1555441394000" last-modified Tue, 16 Apr 2019 19:03:14 GMT vary Accept-Encoding content-encoding gzip content-length 1726 cache-control public, max-age=287 expires Wed, 27 Oct 2021 07:29:10 GMT date Wed, 27 Oct 2021 07:24:23 GMT
GET H2	200	controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response cdn.krxd.net/ctjs/ Frame 2CF6	259 KB 83 KB	7ms 7ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/uep04wp3s.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Wed, 27 Oct 2021 07:24:23 GMT content-encoding gzip age 2360227 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 2849886 content-length 84509 x-served-by cache-hhn4025-HHN last-modified Mon, 02 Aug 2021 12:06:17 GMT x-timer S1635319464.564262,VS0,VE0 etag "a1705c5ac5f06cf0c202ff70908fc042" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Thu, 31 Jul 2031 12:06:16 GMT
GET H2	200	42fb57ac-2013-45a6-8dad-332d53e17c1b Show response consumer.krxd.net/consent/get/ Frame 2CF6	222 B 281 B	38ms 36ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/42fb57ac-2013-45a6-8dad-332d53e17c1b?idt=device&dt=kxcookie&callback=Krux.ns.postmedia.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 574e2c909e5ebe2f74e73140eadd31ad5295ee73af9bef9f408c1f525b7198e1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:23 GMT via 1.1 varnish age 0 x-served-by consumer-a015-dub-prod.krxd.net, cache-hhn4071-HHN vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1635319464.603623,VS0,VE28 content-length 181 x-cache-hits 0, 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 472 B	50ms 26ms	Image image/gif	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-24419597-3&cid=1056215529.1635319463&jid=838158281&_u=aEHAAEABAAQCAC~&z=380523952 Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	www-widgetapi.js Show response www.youtube.com/s/player/9a0939d3/www-widgetapi.vflset/	143 KB 46 KB	24ms 7ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash 393699c2314dc1e25ff5d748cdd9eb8ae727fa439c5d5ab507e39b16e68c978f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:55 GMT content-encoding br x-content-type-options nosniff age 29968 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 47552 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:55 GMT
GET H3	200	dbdj3CmgjdU Show response www.youtube.com/embed/ Frame CE82	66 KB 25 KB	175ms 175ms	Document text/html	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/www-widgetapi.vflset/www-widgetapi.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software ESF / Resource Hash cf1847b85dfccb39abed27c8a75ae79efa86b79a00e3bf11c93e45c61982295f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br cookie YSC=QL475Yb_2oY; VISITOR_INFO1_LIVE=FOMCLIx4TXU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 27 Oct 2021 07:24:23 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* cross-origin-opener-policy-report-only same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version report-to {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]} content-encoding br server ESF x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	www-player-webp.css www.youtube.com/s/player/9a0939d3/ Frame CE82	335 KB 46 KB	7ms 7ms	Stylesheet text/css	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash f6fa95bdfe86150aa442c248745aa6815500638df936076ed2269eaeff67f9ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:15 GMT content-encoding br x-content-type-options nosniff age 30008 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 46955 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:15 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame CE82	15 KB 15 KB	27ms 12ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 04:18:33 GMT x-content-type-options nosniff age 443150 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 22 Oct 2022 04:18:33 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/9a0939d3/www-embed-player.vflset/ Frame CE82	210 KB 69 KB	7ms 7ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash f7c88c5bc5729273c7909de98463f5abba6ad88aecb987fb4e89df2be50e6883 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:13 GMT content-encoding br x-content-type-options nosniff age 30010 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 70212 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:13 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/ Frame CE82	2 MB 514 KB	11ms 10ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash 74a41ef4c82424012ea04a43bfbaa1a20fa0b8d1c77dcc24c363305faf38fdbd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:15 GMT content-encoding br x-content-type-options nosniff age 30008 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 526090 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:15 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/9a0939d3/fetch-polyfill.vflset/ Frame CE82	8 KB 3 KB	11ms 11ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:13 GMT content-encoding br x-content-type-options nosniff age 30010 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2830 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:13 GMT
GET H2	200	id Show response googleads.g.doubleclick.net/pagead/ Frame CE82	113 B 694 B	36ms 15ms	XHR application/json	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash fd80f6162fa1cf72c33e64f72b39f577400707ffa36a89d3505a881620a46bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame CE82	29 B 559 B	30ms 6ms	Script text/javascript	142.250.185.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f6.1e100.net Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:16:30 GMT x-content-type-options nosniff age 474 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 27 Oct 2021 07:31:30 GMT
GET H2	200	pd Show response eu-u.openx.net/w/1.0/ Frame 36EC	1006 B 859 B	25ms 19ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 3b89339e0034178a0425545755fd879632fcd3fcf0cc03fc7d3e6d408cef268a Request headers :method GET :authority eu-u.openx.net :scheme https :path /w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br cookie i=7b19263e-777b-04a1-26bc-102805955516|1635319463 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers vary Accept, Accept-Encoding set-cookie i=7b19263e-777b-04a1-26bc-102805955516|1635319463; Version=1; Expires=Thu, 27-Oct-2022 07:24:24 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1635319464|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 11-Nov-2021 07:24:24 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None server OXGW/16.217.1 p3p CP="CUR ADM OUR NOR STA NID" date Wed, 27 Oct 2021 07:24:24 GMT content-type text/html content-length 541 content-encoding gzip via 1.1 google alt-svc clear
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 520 B	68ms 25ms	Script application/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=o.canada.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/ Frame CE82	93 KB 29 KB	8ms 7ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash 082564a12aa19a162b25fb5093db020a63891d30fd0c848f435c35450abee4f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:16 GMT content-encoding br x-content-type-options nosniff age 30008 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29604 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:16 GMT
GET H3	200	DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js Show response www.google.com/js/th/ Frame CE82	35 KB 13 KB	26ms 7ms	Script text/javascript	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software sffe / Resource Hash 0e030e2d918b977683fa0981758d20c8686093cb79dac8e506a3e3bbc4e894cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:20:49 GMT content-encoding br x-content-type-options nosniff age 215 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13332 x-xss-protection 0 last-modified Mon, 11 Oct 2021 11:00:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Thu, 27 Oct 2022 07:20:49 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/ Frame CE82	24 KB 7 KB	7ms 7ms	Script text/javascript	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software sffe / Resource Hash 57428294e76b83d351752ecdaf281680707fbddf18b8d92216cc53d8fcaccd71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 23:04:34 GMT content-encoding br x-content-type-options nosniff age 29990 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 7350 x-xss-protection 0 last-modified Tue, 26 Oct 2021 22:05:02 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Oct 2022 23:04:34 GMT
GET DATA	200 OK	truncated / Frame CE82	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AKedOLTS5JEDLj1r-84XLgBcCoQMxztRRw9LJ1Pawih-=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame CE82	2 KB 2 KB	43ms 7ms	Image image/jpeg	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AKedOLTS5JEDLj1r-84XLgBcCoQMxztRRw9LJ1Pawih-=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software fife / Resource Hash 87b7746b1061f52378b54a7e0f178f8f04b16dafc2867cefb6195f58a8990f2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 05:27:39 GMT x-content-type-options nosniff age 7005 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1662 x-xss-protection 0 server fife etag "v16" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 22 Oct 2021 20:32:09 GMT
GET H3	200	sddefault.webp i.ytimg.com/vi_webp/dbdj3CmgjdU/ Frame CE82	47 KB 47 KB	8ms 7ms	Image image/webp	142.250.181.246 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/dbdj3CmgjdU/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.246 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f22.1e100.net Software sffe / Resource Hash d128d5335e9afbc85e244569e60f2e90d85c14fcce4b378e6ba6714c0e6bc885 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 05:29:16 GMT x-content-type-options nosniff age 6908 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 48118 x-xss-protection 0 server sffe etag "1558453291" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 27 Oct 2021 07:29:16 GMT
POST H/1.1	200 OK	headerstats Show response as-sec.casalemedia.com/	0 427 B	48ms 17ms	XHR text/plain	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/headerstats?s=307796&u=https%3A%2F%2Fo.canada.com%2F&v=3 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:24 GMT X-AK-INITIAL-GEO CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.43], XFF:[] Server Apache Access-Control-Allow-Origin https://o.canada.com X-CS-CLIENT-GEO 12 Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-AK-CLIENT-GEO 12 Expires Wed, 27 Oct 2021 07:24:24 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	425 KB 20 KB	455ms 455ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=457552111574989&correlator=3539684494189452&output=ldjh&impl=fifs&eid=31063136%2C31063262%2C31062525%2C31062931&vrg=2021102001&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=3081%2Cccn.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De8635019-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De863501a-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3De863501b-36f6-11ec-b367-0634eb268b40%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De863501c-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3De863501d-36f6-11ec-b367-0634eb268b40%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De863501e-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3De863501f-36f6-11ec-b367-0634eb268b40%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De8635020-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3De8635021-36f6-11ec-b367-0634eb268b40%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De8635022-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3De8635023-36f6-11ec-b367-0634eb268b40%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De8635024-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3De8635025-36f6-11ec-b367-0634eb268b40%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De8635026-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3De8635027-36f6-11ec-b367-0634eb268b40%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3De8635028-36f6-11ec-b367-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26ix_apnx_om%3D728x90_3%26ix_apnx_id%3D_WXRERVoG&eri=1&cust_params=no_pol%3Dtrue%26page%3Dindex%26pr%3Dccn%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26kuid%3D%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1635319464&dt=1635319464193&dlt=1635319462619&idt=503&frm=20&biw=1600&bih=1200&oid=2&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=233%2C1263%2C1805%2C2556%2C3109%2C3848%2C4494%2C4189%2C4731%2C4530%2C5072%2C4871%2C5436%2C5212%2C5754%2C5553&adks=4217552496%2C1341624894%2C931136440%2C3283421726%2C931136447%2C4217552501%2C931136446%2C4217552500%2C931136445%2C4217552503%2C931136444%2C4217552502%2C931136435%2C4217552505%2C931136434%2C4217552504&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fo.canada.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&ga_vid=1056215529.1635319463&ga_sid=1635319464&ga_hid=1556724397&ga_fc=true&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 4e9e63e476c8b361de4228d2656ad1fc5dc2ec8c9267700cf8fe89ab2c6296b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20766 x-xss-protection 0 google-lineitem-id 5428226561,5428226561,-2,5428226561,-2,5428226561,-2,5428226561,-2,5428226561,-2,5428226561,-2,5428226561,-2,5428226561 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138317570960,138317549636,-2,138317571287,-2,138317571311,-2,138317570972,-2,138317977759,-2,138317549642,-2,138317570894,-2,138317977663 content-type text/plain; charset=UTF-8 access-control-allow-origin https://o.canada.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 130685be087480c21db36906081b1001.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3193	6 KB 4 KB	52ms 15ms	Document text/html	172.217.16.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://130685be087480c21db36906081b1001.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 130685be087480c21db36906081b1001.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Wed, 27 Oct 2021 07:24:24 GMT expires Thu, 27 Oct 2022 07:24:24 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9bE7oz4B1MFDio5	43 B 106 B	16ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9bE7oz4B1MFDio5 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:23 GMT Server PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9bE7oz4B1MFDio5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET		sd us-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://x.bidswitch.net/sync?ssp=openx https://x.bidswitch.net/ul_cb/sync?ssp=openx https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=04613d72-09b2-4465-bfee-c0dae2bd7ad7 https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=04613d72-09b2-4465-bfee-c0dae2bd7ad7 https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=be5490fa-66e1-45af-a892-0d6230a3f518&user_group=1&ssp=openx&bsw_param=04613d72-09b2-4465-bfee-c0dae2bd7ad7 https://us-u.openx.net/w/1.0/sd?id=537072968&val=04613d72-09b2-4465-bfee-c0dae2bd7ad7	0 0
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8387288722029318154	43 B 122 B	15ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8387288722029318154 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:24 GMT X-Proxy-Origin 216.131.114.43; 216.131.114.43; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid db956300-5db3-4489-8910-6fe31ebb7cf2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8387288722029318154 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	redir rtb-csync.smartadserver.com/ Frame 36EC Redirect Chain https://match.prod.bidr.io/cookie-sync/ox https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFdVprN0M4ZjBBQUJ2U3V1RjNyQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b... https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEuZk7C8f0AABvSuuF3rA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3... https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEuZk7C8f0AABvSuuF3rA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...	43 B 163 B	50ms 16ms	Image image/gif	185.86.138.142 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEuZk7C8f0AABvSuuF3rA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT transfer-encoding chunked content-type image/gif Redirect headers location https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEuZk7C8f0AABvSuuF3rA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID Date Wed, 27 Oct 2021 07:24:24 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D https://eu-u.openx.net/w/1.0/sd?id=536872786&val=de3b6178-fea7-4c00-b2c0-1db4dc9a5080	43 B 106 B	18ms 17ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=536872786&val=de3b6178-fea7-4c00-b2c0-1db4dc9a5080 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Date Wed, 27 Oct 2021 07:24:24 GMT Server MT3 4044 0c7f252 master zrh-pixel-x31 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://eu-u.openx.net/w/1.0/sd?id=536872786&val=de3b6178-fea7-4c00-b2c0-1db4dc9a5080 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Wed, 27 Oct 2021 07:24:23 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=301PAY8ZGQHETx1fiE9VC4odS1jETk4OiBk19MFy	43 B 106 B	18ms 18ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=301PAY8ZGQHETx1fiE9VC4odS1jETk4OiBk19MFy Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=301PAY8ZGQHETx1fiE9VC4odS1jETk4OiBk19MFy cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	sd eu-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://c1.adform.net/serving/cookie/match?party=22 https://c1.adform.net/serving/cookie/match?CC=1&party=22 https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4079065175960191581	43 B 106 B	15ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4079065175960191581 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT server nginx location https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4079065175960191581 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	openx match.adsrvr.org/track/cmf/ Frame 36EC	70 B 264 B	33ms 32ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/openx?oxid=a8b51967-defc-3b56-7c6a-d8c061b266eb&gdpr=0 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 36EC	170 B 188 B	18ms 17ms	Image image/png	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRkYWNhYWQtMTc4Yi02NWYyLTY5OGEtODI3OWFiNTBhODhi Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 36EC Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGh4r-qvBhVnqJnq5rBNmn8&google_cver=1	43 B 106 B	19ms 15ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGh4r-qvBhVnqJnq5rBNmn8&google_cver=1 Requested by Host: eu-u.openx.net URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=eda0710e-2847-4e25-9f9c-d56d6d9d553e&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://eu-u.openx.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGh4r-qvBhVnqJnq5rBNmn8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	embedded_player Show response www.youtube.com/youtubei/v1/ Frame CE82	46 KB 15 KB	72ms 71ms	Fetch application/json	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software ESF / Resource Hash fe25fadbe1d83798803895d5354e653d2542749a0841f30f72a96fb265beaa2b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20211024.01.01 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 X-Goog-Visitor-Id CgtGT01DTEl4NFRYVSin_eOLBg%3D%3D Content-Type application/json Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15503 x-xss-protection 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame CE82	4 KB 3 KB	43ms 21ms	Script text/javascript	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/9a0939d3/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 27 Oct 2021 07:24:24 GMT
GET H3	204	generate_204 www.youtube.com/ Frame CE82	0 9 B	8ms 6ms	Image text/plain	172.217.16.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?mp02Bw Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f142.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/dbdj3CmgjdU?autoplay=0&cc_load_policy=1&color=white&controls=1&enablejsapi=1&origin=https%3A%2F%2Fo.canada.com&playsinline=1&rel=0&playlist=dbdj3CmgjdU%2CvJpCbQon4CM%2CHF_km-jkFyA%2CgP5CocYB_TI%2Cxq-qQod3xuQ%2Cy3_ppwJ-v3A%2CNhhlM-43UaU%2COM6FCb2TGx4%2CSiHSIzAmybc&embed_config=%7B%22adsConfig%22%3A%7B%22adTagParameters%22%3A%7B%22iu%22%3A%22%2F3081%2Fccn.com%2Findex%22%2C%22cust_params%22%3A%22no_pol%253Dtrue%2526page%253Dindex%2526pr%253Dccn%2526sensitive%253Dn%2526negative%253Dn%2526ck%253Dindex%2526imp%253Dindex%2526kuid%253D%2526adt%253DveryLow%2526alc%253DveryLow%2526dlm%253DveryLow%2526drg%253DveryLow%2526hat%253DveryLow%2526off%253DveryLow%2526vio%253DveryLow%2526ias-kw%253D%2526fr%253Dfalse%2526cheetah%253Dy%22%2C%22ppid%22%3A%2200000000ppidp1896553012421377959%22%7D%2C%22nonPersonalizedAd%22%3Atrue%7D%7D&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/93/ Frame CE82	52 KB 15 KB	36ms 14ms	Script text/javascript	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/93/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 08:55:41 GMT content-encoding gzip x-content-type-options nosniff age 80923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15346 x-xss-protection 0 last-modified Thu, 23 Sep 2021 17:05:58 GMT server sffe vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="cloudview-release" expires Wed, 27 Oct 2021 08:55:41 GMT
POST		atr www.youtube.com/api/stats/ Frame CE82	0 0
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame 4919	48 KB 14 KB	124ms 61ms	Script application/javascript	99.81.129.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=5428226561&pubCreative=138317570960&pubOrder=2722165668&cb=568583721&custom=index&custom2=1&adsafe_par&impId=e8635019-36f6-11ec-b367-0634eb268b40 Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-129-224.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 07030164f4b51bca513aa68c2cf430253c3d594897439e2e6ada549495dd8392 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-server-name app06.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/	0 0	30ms 30ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMQvJ6l82GzNkbNBh15UzmBH-_R_cmP-M5agoI8E_eRAdcVfoVAbYZGvlV3BoMoiDvkgzWMW0brCwvpLPugey3TBeP76YGm4lmo54ydbw3y3LL6dHbKNVzR4c7c-qN_MJWoC9dwnA6tVI5MF5bd6tyaU09qFX3CxgV4KSvHI8l7l2JgVAZ7v9fzp38AC763OFRcoRPhqi3a2zOnOX9hmKTzeIVd1cFFAUdvdBfMkWnylhPCIwTRu0i6wXnyymeOKGdBQvDeB8HLXALoZ-AFl-_pYW8xeILMdhEADkqKaG1DA&sig=Cg0ArKJSzA1HrpJUMpQPEAE&uach_m=[UACH]&adurl= Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 27 Oct 2021 07:24:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/	3 KB 2 KB	11ms 7ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:16:23 GMT content-encoding gzip x-content-type-options nosniff age 481 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 10 Nov 2021 07:16:23 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/	120 KB 37 KB	47ms 21ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1635161763799786" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 27 Oct 2021 07:24:24 GMT
GET H3	204	l www.google.com/ads/measurement/	0 0	14ms 14ms	Image text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9KfmSzzU8x4PsSPSgkEIvrGsZpPzCXHGJ7IHHz4wPm4lK26nkUK97BirE6sV-nCzV_jNYNZZ4msLifNnTSPnZ_tvnDg Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	200	15445857025403017647 tpc.googlesyndication.com/simgad/	29 KB 29 KB	11ms 7ms	Image image/gif	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15445857025403017647 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 258fc7df3efdfc53a2db979b1b3c1b7ea71b2824fb4e15f637bb77143bd3c233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 25 Oct 2021 18:10:51 GMT x-content-type-options nosniff age 134013 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29617 x-xss-protection 0 last-modified Tue, 21 Jul 2020 18:35:38 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 25 Oct 2022 18:10:51 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/	0 0	41ms 41ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuILLWie7gABIvrMY2aVcbb75l-8J2gtDcJgM8UZDhYBRXcPtq_h70MqwV3AOf0z6dh_wlEDxIOAOI65A_aTn8GXLkxYYDiEo0_xxPD7rrnfo2ZltnxvNW0z9fCbJ5ZsSjoeA5laiw_rMYjUeWiDhCjWenBeRIzss_838gSrwKZO9hRSdRvZBYhRDSNJ2HS6U1njAbX0Mf4WeA0P0Nv1Da1_RLB0AXhRUQ2MQsXUcsxVmWiIbrxY7pschbjHWQTsoN7ndlsi9-OH4O9XrC8FvXN0ZYdHKVS2rg8GnV7E7jkvTQd&sig=Cg0ArKJSzFDuruZ5qe4CEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 27 Oct 2021 07:24:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Wed, 27 Oct 2021 07:24:24 GMT
GET DATA	200 OK	truncated /	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 11cef54e28b1d64c1682fed5501c44acd25cabbe6ccd5f83baef80748083823f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	43ms 21ms	XHR application/json	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102001&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 0702010a3559b3b22cbf0d4ef3c4c31f922aafe3748c2cd8b4e369509742f6c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 8598 x-xss-protection 0
GET H2	200	main.gr.19.8.254.js Show response static.adsafeprotected.com/ Frame 4919	187 KB 60 KB	148ms 65ms	Script application/javascript	52.211.3.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.254.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=5428226561&pubCreative=138317570960&pubOrder=2722165668&cb=568583721&custom=index&custom2=1&adsafe_par&impId=e8635019-36f6-11ec-b367-0634eb268b40 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.3.71 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-3-71.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash a735b37c9a8c3b661aaae8aede4d5130ed16bb77601195629927521cba629a27 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip last-modified Mon, 25 Oct 2021 21:49:24 GMT server nginx/1.16.1 age 1 etag W/"a7295a572e90c9466b34e461a03e960e" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	39ms 23ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:24 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Wed, 27 Oct 2021 07:24:24 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame CEC4	12 KB 5 KB	7ms 7ms	Document text/html	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Wed, 27 Oct 2021 04:13:19 GMT expires Thu, 27 Oct 2022 04:13:19 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 11465 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 888D	783 B 535 B	16ms 16ms	Document text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software GSE / Resource Hash 94e5c608125d8e3618e8c5fb5b5ec137ea952db1dbbe6786241a8c0833236815 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-lJl5HEkwcm7gxmwXzO6cBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://o.canada.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Wed, 27 Oct 2021 07:24:24 GMT date Wed, 27 Oct 2021 07:24:24 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-lJl5HEkwcm7gxmwXzO6cBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame CEC4	35 KB 13 KB	21ms 7ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 26 Oct 2021 07:36:52 GMT content-encoding br x-content-type-options nosniff age 85652 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 26 Oct 2022 07:36:52 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 888D	0 0	73ms 61ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102001&jk=457552111574989&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 42ms	Image image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102001&jk=457552111574989&bg=!fX6lfjrNAAbUs_yW1LM7ACkAdvg8WsNcA5N67P0a-j2ulpimncr04wj1lOQ0Yw80GhM7GLLwGU87LgIAAABLUgAAAAdoAQeZAq0O49MqRP_90XveV8OLIdWMUrvdvgGLbzsLAtelHqFFbbptmbvqfK_QpyMWO87kiBDvDuXgJ9j9A2O6ZlPCTFsP4xWMotoUahovSf3ArT9r0hmbvXStp5ysPVg2V0Shvr3iV-cUgIhmP_iVEcbqbb3oY9ymZ13Ze9qTdYHxYy-pVhyNOCiZhVp4uYxT1VItQjXRLrxuQR3QBIoI0vRypgfsE3IfC6DPEL-Qzbvssgv8JlXefV1RhEjW-W4KyC6UHRlgjTQ1L0qSiqiaUzbukvd1yg0G-b5lROWfMVvfa8cnDlUHGDJc87O3Scg29jORACengyrk6iL_pTe5zh6BAqc6xZvvzp-SS-q1j0JWsqmzL4uuw-D6UTibMZAyAv_phuO-LMwIrbcm5Kai4qY_C67oDMjrtzGyF64xa23KEKqiBuThgesm1_ZJT3UQGM_0wIP4vybYF1uTjTZyY8w_-LLhbmU7qFfz00KzaFImlmUF7i-iEdJJAQt_vUlZ7y8L977jZbLys7eDLf3Zcb4KZ77pl-PJpt66uxlU68VTdSTvQS_et1VgNoUGQGnD6BN00L3CYxlgErvIV0aV9qxAZqc5eaQI3DDJ54M0faZPbOvMzUJBO7Ob6cMiyWtJI0_Y8fMI0SwYHWBsPkbFc2gWzZ6Qnbztx2yoFyqd-J8Hig0DMXy0bshmVlOry7uqQ0pbbXUhqOGW0gNhvQ_AAF_1V_JXeItEnHo1Th6z7R1ipq_1_bsq48i49zNOicoh63pSt17y5ix2HOmo8C2qWT44azavtvq2aFb2_flQo6A-WXHL9ip2hXQPTdP3xbI-ZIclRjVqEiXAc-HnMe_-MlmJ6GgdNpci4pCmjlhGOiFZltc-YOQm4MlVJ9lFYWEdrDpeQPMLXCmEWzCfTtKXK-4N Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sca.17.5.12.js Show response static.adsafeprotected.com/ Frame 25A3	80 KB 21 KB	31ms 31ms	Script application/javascript	52.211.3.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.12.js Requested by Host: o.canada.com URL: https://o.canada.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.3.71 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-3-71.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:25 GMT content-encoding gzip last-modified Thu, 19 Aug 2021 16:31:24 GMT server nginx/1.16.1 age 5790917 etag W/"9304f57298c3834ff107ea7ccb547996" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/	43 B 216 B	37ms 36ms	Image image/gif	99.81.129.224 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=5428226561&pubCreative=138317570960&pubOrder=2722165668&cb=568583721&custom=index&custom2=1&adsafe_par&impId=e8635019-36f6-11ec-b367-0634eb268b40&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:443ead26-a6d0-9157-32bd-a9832e2dcc88,c:se72hE,sl:inView,em:false,fr:true,thd:1,mn:app06ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:215,fm:sN1vOMM+1*.928934%7C11%7C12,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:231,oid:e970c8c5-36f6-11ec-8a42-0a6d0b536c42,v:19.8.254,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-129-224.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:25 GMT x-server-name app05.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	264ms 86ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=928934&asId=443ead26-a6d0-9157-32bd-a9832e2dcc88&tv=%7Bc:se72hT,pingTime:0,time:245,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:230%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:245,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:230,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B27~100%5D,as:%5B27~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sN1vOMM+1*.928934%7C11%7C12,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:25 GMT X-Server-Name dt48.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	262ms 87ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=928934&asId=443ead26-a6d0-9157-32bd-a9832e2dcc88&tv=%7Bc:se72hW,pingTime:-2,time:248,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:131,beZ:132,mfA:346,cmA:348,inA:348,inZ:353,prA:353,prZ:357,si:361,poA:362,poZ:374,cmZ:374,mfZ:374,loA:377,loZ:377,ltA:379,ltZ:379%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:230%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:248,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:230,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B29~100%5D,as:%5B29~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sN1vOMM+1*.928934%7C11%7C12,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,slid:%5B%5D,sinceFw:17,readyFired:true%7D&br=c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:25 GMT X-Server-Name dt36.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	89ms 89ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=928934&asId=443ead26-a6d0-9157-32bd-a9832e2dcc88&tv=%7Bc:se72mW,pingTime:-10,time:558,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1635319465406%7C%7C359cc215fb5e1e7065896861b786209c%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C0e6bd0c913fdeffae0424d892dab5106%7C%7C398c96d3c06250c16023e0ce9094c855%7C%7Cee4dcdbb68795debde275302ea5226d0%7C%7Cb38ffaecdc877ff83620d4ae724104f3%7C%7C419893e778b59a64611b75ac13ed4a00%7C%7C1629390669%7D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:25 GMT X-Server-Name dt36.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/	42 B 64 B	64ms 39ms	Fetch image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssz0qOTmPKz9udIjeeoXXAUM0U3zF6tPRNovcahhT_fcTpJMhzH12MFf25ZYyJ_krwmmEs8LUvl--ScrhinfQImiMteOUS4NgRVpTgtrkHXvLCO8De6&sig=Cg0ArKJSzGJ39fKL9WNyEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4217552496&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635319461937&rpt=2870&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 27 Oct 2021 07:24:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	88ms 88ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=928934&asId=443ead26-a6d0-9157-32bd-a9832e2dcc88&tv=%7Bc:se72y3,pingTime:1,time:1247,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:230%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1247,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:230,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~100%5D,as:%5B1028~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:91,fm:sN1vOMM+1*.928934%7C11%7C12,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:26 GMT X-Server-Name dt36.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	89ms 88ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=928934&asId=443ead26-a6d0-9157-32bd-a9832e2dcc88&tv=%7Bc:se72y3,pingTime:1,time:1247,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:230%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1247,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:230,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:91,fm:sN1vOMM+1*.928934%7C11%7C12,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:26 GMT X-Server-Name dt48.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 301 B	176ms 87ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=928934&asId=443ead26-a6d0-9157-32bd-a9832e2dcc88&tv=%7Bc:se72y4,pingTime:1,time:1248,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:230%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1248,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:230,wc:0.0.1600.1200,ac:0.0.300.250,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~300.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:91,fm:sN1vOMM+1*.928934%7C11%7C12,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Oct 2021 07:24:26 GMT X-Server-Name dt36.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H2	200	optout_check Show response beacon.krxd.net/	82 B 242 B	98ms 30ms	Script text/javascript	34.255.77.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beacon.krxd.net/optout_check?callback=Krux.ns.postmedia.kxjsonp_optOutCheck Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.255.77.76 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-77-76.eu-west-1.compute.amazonaws.com Software / Resource Hash 088ec7490cdcab42b4589fbc9f823c83c0130a793160950b13ad9b7cb9ecb6b3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://o.canada.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 27 Oct 2021 07:24:26 GMT cache-control private, max-age=0, s-max-age=0 x-request-time D=37 t=1635319466 x-served-by beacon-n009-dub-prod.krxd.net content-type text/javascript
POST H2	202	events Show response jssdks.mparticle.com/v3/JS/cd4afed6a2719d439af431746c942e3c/	41 B 179 B	9ms 9ms	Fetch application/json	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v3/JS/cd4afed6a2719d439af431746c942e3c/events Requested by Host: jssdkcdns.mparticle.com URL: https://jssdkcdns.mparticle.com/js/v2/cd4afed6a2719d439af431746c942e3c/mparticle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 3a7635543a603dd275ef4d6355bdbf297144d7646bf9eff7aa7e4b3dfbda526b Request headers Accept text/plain;charset=UTF-8 Referer https://o.canada.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 27 Oct 2021 07:24:28 GMT content-encoding gzip server Kestrel x-timer S1635319468.352044,VS0,VE3 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-served-by cache-hhn4030-HHN vary Accept-Encoding x-cache MISS content-type application/json access-control-allow-origin * accept-ranges bytes via 1.1 varnish x-cache-hits 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

us-u.openx.net

URL

https://us-u.openx.net/w/1.0/sd?id=537072968&val=04613d72-09b2-4465-bfee-c0dae2bd7ad7

Domain

www.youtube.com

URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=aTbY0AC4HWCz5BHA&docid=dbdj3CmgjdU&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fo.canada.com%2F&lact=615&cl=405738658&mos=0&volume=100&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211024.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&dni=1&hl=de_DE&cr=US&len=152&fexp=23748147%2C23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082662%2C24101841%2C24116772&list=PLqRRaOIZ10cUeyt6CGmpOe1s3VcygGMEY&muted=0&vis=3