grainwiz.com Open in urlscan Pro
52.232.133.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grainwiz.com/
Effective URL:
https://grainwiz.com/
Submission: On August 12 via manual (August 12th 2022, 5:17:39 pm UTC) from US — Scanned from CA

Summary HTTP 210 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 49 IPs in 3 countries across 46 domains to perform 210 HTTP transactions. The main IP is 52.232.133.169, located in Québec, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is grainwiz.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 14th 2022. Valid for: a year.

This is the only time grainwiz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 57	52.232.133.169 52.232.133.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
2	23.4.225.174 23.4.225.174	16625 (AKAMAI-AS) (AKAMAI-AS)
7	35.83.53.88 35.83.53.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
11	54.243.94.111 54.243.94.111	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	63.140.38.117 63.140.38.117	14618 (AMAZON-AES) (AMAZON-AES)
7 7	44.205.56.98 44.205.56.98	14618 (AMAZON-AES) (AMAZON-AES)
6	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
4	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:11f... 2606:2800:11f:17a5:191a:18d5:537:22f9	15133 (EDGECAST) (EDGECAST)
7	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
11 20	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 1	2606:4700::68... 2606:4700::6812:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
5	104.77.220.151 104.77.220.151	16625 (AKAMAI-AS) (AKAMAI-AS)
6 12	3.83.73.204 3.83.73.204	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	34.231.251.31 34.231.251.31	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 2	108.138.128.56 108.138.128.56	16509 (AMAZON-02) (AMAZON-02)
1 1	52.20.189.152 52.20.189.152	14618 (AMAZON-AES) (AMAZON-AES)
1	54.163.172.200 54.163.172.200	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.223.247.87 3.223.247.87	14618 (AMAZON-AES) (AMAZON-AES)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	72.21.91.70 72.21.91.70	15133 (EDGECAST) (EDGECAST)
1 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.147.170 52.92.147.170	16509 (AMAZON-02) (AMAZON-02)
1	184.29.133.169 184.29.133.169	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	192.35.249.127 192.35.249.127	11742 (SPOTX-IAD) (SPOTX-IAD)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	34.201.230.190 34.201.230.190	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:2800:21f... 2606:2800:21f:5b71:3e29:d001:be46:4bcc	15133 (EDGECAST) (EDGECAST)
6	2606:2800:220... 2606:2800:220:1410:489:141e:20bb:12f6	15133 (EDGECAST) (EDGECAST)
3	2606:2800:21f... 2606:2800:21f:c0ec:d236:5e26:ab36:2d30	15133 (EDGECAST) (EDGECAST)
13	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1 2	3.228.203.55 3.228.203.55	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:400... 2607:f8b0:4006:824::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:f059:4f7e:28a9:1588	27281 (QUANTCAST) (QUANTCAST)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.80.54.203 54.80.54.203	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20ed:c600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:13:... 2600:141b:13::17d7:8293	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:1f18:1ac... 2600:1f18:1aca:4281:4f5b:6550:560a:4298	14618 (AMAZON-AES) (AMAZON-AES)
2	20.42.73.140 20.42.73.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
210	49

57 52.232.133.169 (Québec, Canada) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

grainwiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.grainwiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.4.225.174 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-225-174.deploy.static.akamaitechnologies.com

www.bnc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.83.53.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-53-88.us-west-2.compute.amazonaws.com

dashboard.time.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.time.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:808::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.243.94.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-94-111.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nationalbankofcanada.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.117 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-117.data.adobedc.net

nationalbankofcanada.d2.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.205.56.98 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-56-98.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:809::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.165.130 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.77.220.151 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-151.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.83.73.204 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-73-204.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.251.31 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.56 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-56.jfk50.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.189.152 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-189-152.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.172.200 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-172-200.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.223.247.87 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-247-87.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.91.70 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.147.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

timely-api-public.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.133.169 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-133-169.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.114 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.127 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.201.230.190 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-230-190.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:21f:5b71:3e29:d001:be46:4bcc (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:21f:c0ec:d236:5e26:ab36:2d30 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80f::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.203.55 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-203-55.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2006 (New York, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN27281 (QUANTCAST, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.113 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.80.54.203 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-54-203.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ed:c600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:8293 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4281:4f5b:6550:560a:4298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.73.140 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	grainwiz.com 1 redirects grainwiz.com www.grainwiz.com	7 MB
31	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	84 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	341 KB
27	everesttech.net 21 redirects cm.everesttech.net — Cisco Umbrella Rank: 816 pixel.everesttech.net — Cisco Umbrella Rank: 2926 sync-tm.everesttech.net — Cisco Umbrella Rank: 623	10 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 801 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 538	94 KB
11	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1333 abs.twimg.com — Cisco Umbrella Rank: 1721 pbs.twimg.com — Cisco Umbrella Rank: 650 ton.twimg.com — Cisco Umbrella Rank: 5911	221 KB
11	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 188 nationalbankofcanada.demdex.net — Cisco Umbrella Rank: 294178	14 KB
9	twitter.com platform.twitter.com — Cisco Umbrella Rank: 674 syndication.twitter.com — Cisco Umbrella Rank: 864	171 KB
7	time.ly dashboard.time.ly events.time.ly — Cisco Umbrella Rank: 998112	110 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	280 KB
6	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453	6 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	4 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1505 m.addthis.com — Cisco Umbrella Rank: 1429	217 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	40 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 396 rtb.openx.net — Cisco Umbrella Rank: 1516	862 B
3	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 635	281 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	87 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 494	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 516	1 KB
2	pubmatic.com 1 redirects image2.pubmatic.com — Cisco Umbrella Rank: 869 image6.pubmatic.com — Cisco Umbrella Rank: 636	1 KB
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 728	877 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1229 beacon.krxd.net — Cisco Umbrella Rank: 502	529 B
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com — Cisco Umbrella Rank: 2359	695 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1014	1 KB
2	omtrdc.net nationalbankofcanada.d2.sc.omtrdc.net — Cisco Umbrella Rank: 249422	488 B
2	bnc.ca www.bnc.ca — Cisco Umbrella Rank: 275653	29 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1407	63 KB
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 3380	462 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 925	770 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1083	464 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	572 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1674	782 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 442	1 KB
1	amazonaws.com timely-api-public.s3.us-west-2.amazonaws.com	46 KB
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2550	305 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 195	613 B
1	media6degrees.com 1 redirects idpix.media6degrees.com — Cisco Umbrella Rank: 2182	625 B
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 12886	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	696 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1662	22 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2137	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
210	46

	Domain	Requested by
53	grainwiz.com	1 redirects grainwiz.com az416426.vo.msecnd.net
20	cm.g.doubleclick.net	11 redirects grainwiz.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	grainwiz.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com az416426.vo.msecnd.net www.googletagservices.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	pixel.everesttech.net	6 redirects grainwiz.com
10	dpm.demdex.net	www.bnc.ca grainwiz.com
8	sync-tm.everesttech.net	8 redirects
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net grainwiz.com
7	cm.everesttech.net	7 redirects
6	s0.2mdn.net	grainwiz.com s0.2mdn.net googleads.g.doubleclick.net
6	pbs.twimg.com	grainwiz.com
6	platform.twitter.com	grainwiz.com platform.twitter.com
5	dsum-sec.casalemedia.com	2 redirects grainwiz.com googleads.g.doubleclick.net
5	events.time.ly	dashboard.time.ly events.time.ly
4	ib.adnxs.com	2 redirects grainwiz.com googleads.g.doubleclick.net
4	www.google-analytics.com	grainwiz.com www.google-analytics.com events.time.ly
4	www.grainwiz.com	grainwiz.com
3	ton.twimg.com	platform.twitter.com ton.twimg.com
3	s7.addthis.com	events.time.ly s7.addthis.com
3	syndication.twitter.com	platform.twitter.com grainwiz.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	grainwiz.com
2	fw.adsafeprotected.com	1 redirects grainwiz.com
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	match.prod.bidr.io	2 redirects
2	sync.search.spotxchange.com	1 redirects grainwiz.com
2	us-u.openx.net	1 redirects grainwiz.com
2	pixel.rubiconproject.com	1 redirects grainwiz.com
2	sync.crwdcntrl.net	2 redirects
2	ads.scorecardresearch.com	2 redirects
2	ps.eyeota.net	2 redirects
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	nationalbankofcanada.d2.sc.omtrdc.net	www.bnc.ca grainwiz.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dashboard.time.ly	grainwiz.com dashboard.time.ly
2	www.bnc.ca	grainwiz.com
2	fonts.googleapis.com	grainwiz.com googleads.g.doubleclick.net
1	code.createjs.com	s0.2mdn.net
1	cc.adingo.jp	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	rtb.openx.net	1 redirects
1	odr.mookie1.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	abs.twimg.com	grainwiz.com
1	www.facebook.com	grainwiz.com
1	image2.pubmatic.com	grainwiz.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	timely-api-public.s3.us-west-2.amazonaws.com	events.time.ly
1	cdn.syndication.twimg.com	platform.twitter.com
1	beacon.krxd.net	grainwiz.com
1	usermatch.krxd.net	1 redirects
1	fei.pro-market.net	1 redirects
1	c.bing.com	1 redirects
1	idpix.media6degrees.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	az416426.vo.msecnd.net	grainwiz.com
1	nationalbankofcanada.demdex.net	www.bnc.ca
1	stackpath.bootstrapcdn.com	grainwiz.com
1	cdnjs.cloudflare.com	grainwiz.com
210	68

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.google.com
www.mozilla.org
www.apple.com
www.cmegroup.com
www.grainwiz.com
www.lebulletin.com
www.barchart.com

Subject Issuer	Validity	Valid
*.grainwiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
bnc.ca Entrust Certification Authority - L1K	`2022-04-27` - `2023-04-27`	a year	crt.sh
time.ly Amazon	`2021-11-25` - `2022-12-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.d2.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2022-06-22` - `2023-06-22`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://grainwiz.com/
Frame ID: 477E1B73BEEEFF7AE1943C91EA3EAA1A
Requests: 91 HTTP requests in this frame

Frame: https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 3DDF231F67B67849AA4C877BD43CA2F2
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: DEFC0A3DEF72FB5AB7BA500E985CE7FF
Requests: 1 HTTP requests in this frame

Frame: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050
Frame ID: 34DCB4E911287485DC7BE7380872067A
Requests: 12 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fgrainwiz.com
Frame ID: 1D523C070D610D021A8207058F030CF3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&adk=1812271804&adf=3025194257&lmt=1660324651&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgrainwiz.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651161&bpp=6&bdt=865&idt=317&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4676881738418&frm=20&pv=2&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: 51F0F14E565610707CA4BFE2B9A3D21F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=280&slotname=1627126101&adk=2258360673&adf=2733775641&pi=t.ma~as.1627126101&w=640&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgrainwiz.com%2F&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651167&bpp=4&bdt=871&idt=360&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P5gADkDtlp&p=https%3A//grainwiz.com&dtd=367
Frame ID: 630495CB305B1E0F049D08D2BE72838B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Frame ID: B46FBFBC540D309EF5749B092E84B93D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6EA9642D59B6A774E064715018B3B1E9
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E27F670ADD22C100131C6B3B2036FD27
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/2614.png
Frame ID: D5CE03F0F59A4F22C525F6B1C78BBA80
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7Ch4kCENOW5ZMCGNyJ7L0BMAE&v=APEucNWZk5Cpp_Gkhm4pX2StQiacdTYBzTmuwCKZX1pIp6xe-sNlcZoK-Yxbl7qX6E8Lknb29zg1o1l9qwmHM0Mh0U8DN7tRbA
Frame ID: A3F870C159FAEF782C368C041F8CF122
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dqlq44ntRR10zdFXW-AxljtyJZJvEtDjUVkd7jrDpOJMVJG_UqZUbtNvCUW0sei6T4Q1jgrCDbkBRzYmsff-uzzmgNzOj3HEOvYaFzRHJv2kLwStqSqZUBO71Oc55Ko8WL2F3Dilz1ZnOiSUOKsxipTYxbug&dbm_d=AKAmf-BiwfIkQo9lYwvNPhSoj76YCmB9_NQRqM-AK6ZowL2bTu5JP8Cc-b8cFtfsS6_PR1MZcz_yEuM_va5guwGVhHNo4rQgCVBtDaRua2aruU-GYVuS0q6UhGsryyg5FAOQBdLFKXrSNFTd61iaNXP98Nutnm3qj4pfOH8JNfHDMbQGVq3IjcLsy0h6dvJVzygYkPAgHYighj7c-_5PvZrjHs49xx2AnfvXxKAIeuNdX9I6zAOwIoYr6Lq2wx8LoA9wA4szc4-MxM4uQJCWmlqhrwkQr7knzL4dikRxZgRsa9zpevUfS9c_mWXztdv9jO9uDZHjT-MN_wHG4X0aJbAqjdAliH_gDXKdzVlSXlhpmfWMUPZk_-VJkzWixxsEDnRi99UCqj57u7-zyir_xsIee9VKX7PR0VGJkotWJamyDdKT4Os54aSH8zBVTxdgtGZnOfYRvkrt9pWGlngaReEng0zAdJxz1KUptCEcyoGcfm6dZfN48ynzmwKXHQh6doet56wWJEYACSOakDUTcmQ5bkQIh11mFlOwgZAAu9qAGcUK-S9AnN-asVwbr1Zi9bBHEcdqkt3QZNLBX4w2pzXPkxjGOCHZzbvaBdUrpEMqLR8qKLt50J0h7c2rYxw4KXUx86wMSe9ObfCmVdmC_bN6uJS7OTiTOByZxfwkMlXZROPb12W8e_nQCr905PZtXxTT7KGXfVE4k63yb6KKo6LoYFSsmtd2XPfwhCMzwJta0CRWVhhfpsFe7NdWIo7eALmKPg3qOwv9SbYEV2bXwnkylxpG3CEdHokyQotjUrsDQ1wzrmgRRHK-ouKH-t4vMjOsCAq_fp2NCxr90AKElVgyV-f9U768ySM3OUUKPcb3BFfmUCGyVdGWkAK4DrZ8iAAieH-9meuvlI--maGiAj8JuCrq8E6W6Wb_ZsaeVXXzxktX-0NgeMMQrRVwU1DC76FeZSM4PZziCdouZh9nngbqED2c78IYBeNNBp97e-1F3J5bqwrXgX7NFvPcKKPYsWIOZ6zDR8a58m00XX2GvR2p8zAd-CKdVqvDkj9m7DhpHAXwnv3Ksh2PW0R5l2C2NCfo4bjdsr8WObYl56hggVLyvrTxOvPNBrAOsb0p7rb2_FuqK_8JLhmiJQtICOxOq7NMvbOupkXe7okJ1iDGBC2EDiSGcNl8vIdRnDiXc1zdMPUN3O5Qi1d9wRjA5pof5jYfknc08l658xEIXYlrSDU5NjhFGhyQUaPlzaByyVyIbn3r4yshkpNNl1rLAtsMkM1rSd4aU-OKu4NQJKY4jx8VYIdtSwcaNTKZiADp5Hr2L7HX30ne-NKuFsRa4bL9OylenXOG-D4RExD_OYUefnHFuJAY-bXfsNbw6-FAzItOVUAXyrt0_34h5BgEuH2irjLyhQh4tkqCXaFCV6Iaq9FV97BLFHpSTcWFrgcALLUVfMs0Y3Kae0ezvlf0cId74J0jsNEjjUMtNWjHCwIASHbk__lZdbuzXxg6JXcjAKHjUitFqgQ3y2iU30Su0O7vySlm6TLojxHsgrzhiCjxGfYiNdAUaZnljZbiUIqnHxQt_aSB8UC_-AD9fbGlH9ePINdMV_qa_stUvw9elT8TF56bAGGjGBTAcq8HsDlBo_VnMm7aJVgXmU4qQAEE6kj7-UxFDxmMzY3XWGVLmyj83gw3jFFDHV8NR45PvzwzcT0rdsconY7y3LiWgKt6oHA8HuWPGuKG2Dr8vFbgcS7Wh3qyB945OeKCvWtrNfRg6c1iafjmQmPIMO9ybMHo1NJBaZdNKP-a_GXUO7cGVPIc_OMm8cdNtCR5S4LVie1J78NjRfK6sYT3ialY_z2DEDgLT0eGS99fEKx3NXP0hYsiT1MahtJ9KvMWZM4BbyHklqpSOPqVsQMtt11JWrCxpMS7OQaG4YAYsDD03eqHMMUduBJyH7AvFkynXw8uruvaX7cOJ5PUdEcSQYhb8-xE1_1HKuVmo5VLJG802hZQj5IqM9-nA0ID-6Mc4kdFwmi229CAwLOgxTHGXeBErnP1IaoMc8Dwf-XMRaofshInHlugD0u7lHRj9iJLKgcvCQALxStqGGlXU6W6AJBhwINOX8VaOUEF9fIqnCVNv_GdJRvVbgm0rP_8GiGf-c1tIxP_zFjZ6owPj6VqxrLjLkGDlA1HEN85A97Q-MIuEglTPkrFLfjRXqRowCmbhHB3rytlgv9AMYFIOikETY5fxeenf0KKbmGJdTYb0y1b1ObKQDcF9hJENI_Tw73C-C1DnyKJkXgtdP-WoMeFs1q4--P9RPelJWRrHoXVtcwz86Mww-SND8OF_NvgH-mHh3vS7WfIEouy6OWBKfXb9GiL7yK3-kgcrIEeoahyIxBzhAb_SuzeF7A9JsKvM-Ttyl-7vJOGzKG3eT4pmTFaJGjlLHLLul6k68aEhfJ1JYtf3F-EhAfRLAgFTUHOfnsVr5ud4Ah1f9AIsVVd7SkdGCgEEcoV5B76bs-Od_-rfGbAvHsWtc3XcUdqK27Neychs5B6P2F--5G7h1Pf_RLXduw50Kbif3wZL9MgK0S0o_3--XzSLvAyX9jQoRx_8lJgfzOGv4oYTr5bZNNp3dK46eFDtRJsIVKeCNIaH7h9GY8oHuXdmdR9doZYHlIRDWTG50tay7t0e0j7pXNGlfYNkaw5OrVjmbisG2oehgI1sIBxUOpYxhle2qBebdPUkUB-6Mnmf7s8MrLshnHXrbS1CxPTv70PGeF-Ds2im8WoEUnQc_Nl0jZdsWaDs1abRZxfDTbrPcJ_MPmkPn6Fii8CyVD-Cu81FNkVJEnB3P1F6TpqdpfQBY5zDp1acx_pXLMQ-2rQx-Rt4UicG5Qv2IZNFpzf3S_X6TDi2egzZ20Fg_xt2IOnPB5AF1Hs8KwPXnjfbtC0ouxmMMZDLgcZNyFDKcG4a41cfdCIggPzEaU4-W_3_HIS6GpWNNE2XnjoiNZ-57YWv21AtBkwIrvk-7iTQzMMeT5E3XI8Hjfx3ojdMlZnYp_Em82bz3_hM1vW8lvkPvPqJWx-7rlRpF7osG_B6nTnHknI4-aNPvticwsjtLg7&cid=CAASEuRoMlv6hbq53ycHo88_4yTSFQ&rfl=2%2Chttps%253A%252F%252Fgrainwiz.com%252F%240
Frame ID: 4A864D38714D47CCAF005032931B8526
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AE34B157211403D5628A826CAC202B83
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: 7803BDF3B5C7ADA0055372CC6114AE29
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 242F892079D47DED9487B42CE0BFF3FA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html
Frame ID: 1FC90024A22EA1959ECA1C19E2D30598
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0D929DF5298284BBC6CB77F1D0AB6D76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4643856ABA334F7906AE51974D51AD05
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 71C5B241E8D08225B245637AC3C71DAB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Actualité et analyse du marché des grains

Page URL History Show full URLs

http://grainwiz.com/ HTTP 301
https://grainwiz.com/ Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

210
Requests

83 %
HTTPS

44 %
IPv6

46
Domains

68
Subdomains

49
IPs

3
Countries

9008 kB
Transfer

12171 kB
Size

60
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Grainwiz/189250954488155

Search URL Search Domain Scan URL

URL: https://twitter.com/grainwiz

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/%E2%80%8E
Title: Google Chrome

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/fr/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.apple.com/ca/fr/safari/%E2%80%8E
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.cmegroup.com/
Title: Bourse de Chicago

Search URL Search Domain Scan URL

URL: http://www.grainwiz.com/industrie/partenaires/richardson
Title: En savoir plus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/equipelafrance/
Title: Site Web

Search URL Search Domain Scan URL

URL: https://www.lebulletin.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/grainwiz/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.barchart.com/solutions/
Title: Toutes les données de marché sont fournies par Barchart Solutions.

Search URL Search Domain Scan URL

URL: https://www.barchart.com/solutions/terms
Title: avertissement.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grainwiz.com/ HTTP 301
https://grainwiz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=70142489505481542813619428153785939871 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvaLKgAAAJ6mvgNz

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzAxNDI0ODk1MDU0ODE1NDI4MTM2MTk0MjgxNTM3ODU5Mzk4NzE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzAxNDI0ODk1MDU0ODE1NDI4MTM2MTk0MjgxNTM3ODU5Mzk4NzE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHXPLnId5x3ckjJSujPUx2E&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 80

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=70142489505481542813619428153785939871 HTTP 302
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1cudwx74gsswb

Request Chain 88

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 89

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 90

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 91

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 92

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 93

https://c.bing.com/c.gif?uid=70142489505481542813619428153785939871&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1CD7CC1AC3E06B5B083FDDE4C2CA6A22

Request Chain 94

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 95

https://ps.eyeota.net/match?bid=6j5b2cv&uid=70142489505481542813619428153785939871&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=70142489505481542813619428153785939871&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 96

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=70142489505481542813619428153785939871 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-3660949792850097997

Request Chain 97

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=70142489505481542813619428153785939871&rn=1660324650633&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D70142489505481542813619428153785939871 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=70142489505481542813619428153785939871&rn=1660324650633&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D70142489505481542813619428153785939871 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70142489505481542813619428153785939871

Request Chain 100

https://usermatch.krxd.net/um/v2?partner=adobe&id=70142489505481542813619428153785939871 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=70142489505481542813619428153785939871

Request Chain 101

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=70142489505481542813619428153785939871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=70142489505481542813619428153785939871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1395a95d691ba4c567173bd212527946

Request Chain 102

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXZhTEtnQUFBSjZtdmdOeg==

Request Chain 104

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvaLKgAAAJ6mvgNz&expires=90

Request Chain 105

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvaLKgAAAJ6mvgNz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvaLKgAAAJ6mvgNz&C=1

Request Chain 115

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YvaLKgAAAJ6mvgNz HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvaLKgAAAJ6mvgNz

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvaLKgAAAJ6mvgNz HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YvaLKgAAAJ6mvgNz

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvaLKgAAAJ6mvgNz

Request Chain 118

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvaLKgAAAJ6mvgNz&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvaLKgAAAJ6mvgNz&img=1&__user_check__=1&sync_id=a6958b90-1a62-11ed-9bd1-183ad5690403

Request Chain 119

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvaLKgAAAJ6mvgNz&t=2592000&o=0

Request Chain 120

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADg3E7F7RYAABBvZGHIRA?gdpr=0

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvaLLCr3fU3VfkOuKxb2DQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBO7NaI3iK5pzYM71YTrOpI&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDgzODg0MTI3NTAzNDU5Mw%3D%3D

Request Chain 175

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOLetIjZHvje6glj2RJGRsg&google_push=AehlK4BU6wzlM51Y0rsw7nCPgbiBFUVhwjpUBrSP7NRWJKUBto84I4dYI0MPybaMaSW3-LFu3xkz0baWW_t5sCRemHX7S3r_nFW75KKLWN6wjpMcKh9Lw57ynS7M7IdxmDvjvd2ml20cKaofC2NCJTJ39jY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4BU6wzlM51Y0rsw7nCPgbiBFUVhwjpUBrSP7NRWJKUBto84I4dYI0MPybaMaSW3-LFu3xkz0baWW_t5sCRemHX7S3r_nFW75KKLWN6wjpMcKh9Lw57ynS7M7IdxmDvjvd2ml20cKaofC2NCJTJ39jY&google_hm=MTA1OTcxMTA2NjQzMjU3MzEzMTM

Request Chain 176

https://rtb.openx.net/sync/dds?google_gid=CAESELTuZvreh8yKFvjeEY9Mlgw&google_cver=1&google_push=AehlK4CwR-g8ZRa744WbgPP90ZLgbK4nukkYUbfYm0rYRRu6k-wN4AyXYn03y43Ci73YEbZhoBmUlFBxLaG6199srg33SBOiM_qVQRx8imeZhxxPZEbgQuVdsC50Rd9vSTgiIyRylfrqyqWIaK2QWptb9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CwR-g8ZRa744WbgPP90ZLgbK4nukkYUbfYm0rYRRu6k-wN4AyXYn03y43Ci73YEbZhoBmUlFBxLaG6199srg33SBOiM_qVQRx8imeZhxxPZEbgQuVdsC50Rd9vSTgiIyRylfrqyqWIaK2QWptb9A&google_hm=ANoaTyZ7xIkmP3ClQxc0_Q==

Request Chain 177

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELs2jRYaWqXprfm0nUUN2FM&google_cver=1&google_push=AehlK4Dg7zv_7MipJO7RINZFS9KtavDfLn46HZ8-LAv0ZRQrJ5lu-_JGZ-pVJMOEPYvj07R7dvUmWhuU2fyMoLQv88ZmGTyM_lJ5cRyvgattDMWTfRNaM6KPOYxTbs-1_zUez3kAW0Rd_LKOEYZ-9ZLjV2o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RsI-YAoiTWO1o9XyfGeztQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Dg7zv_7MipJO7RINZFS9KtavDfLn46HZ8-LAv0ZRQrJ5lu-_JGZ-pVJMOEPYvj07R7dvUmWhuU2fyMoLQv88ZmGTyM_lJ5cRyvgattDMWTfRNaM6KPOYxTbs-1_zUez3kAW0Rd_LKOEYZ-9ZLjV2o

Request Chain 178

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECV7VaRjLnXKBWe-dfews28&google_cver=1&google_push=AehlK4AvymvwIg5y2-rIcxieWiJIY4M0E0_vhCu-_x3-z5XhrsvWnYEcUdHqP6tKXeIi0WH2rKmpUFnssRdopWfbcfnoLZQkOXOA-jXw6V5-1um3kmgi-KayqiGD0W3mh9a2AEEb-ejZFirfCPkyGl-emg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRUUZHTjMtMUotNVA0RQ==&google_push=AehlK4AvymvwIg5y2-rIcxieWiJIY4M0E0_vhCu-_x3-z5XhrsvWnYEcUdHqP6tKXeIi0WH2rKmpUFnssRdopWfbcfnoLZQkOXOA-jXw6V5-1um3kmgi-KayqiGD0W3mh9a2AEEb-ejZFirfCPkyGl-emg

Request Chain 179

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAsQ8sE-MjBH_93OVef1Ehg&google_cver=1&google_push=AehlK4AmroTVAuyK5DY5LeODb7WuOcJF4sFvbMRxnK7cecJtBXy9TQxvlsq1TYPAYI4qa1zcfjecN2BgPI9jSLPVbnKj5y7ZnMdGRxge6kUu6Tv6vgFdnhA-isl1XWFCJVpp0JWgnXJmG8l5f6h9gJRw3GU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAsQ8sE-MjBH_93OVef1Ehg&google_hm=YvaLLCr3fU3VfkOuKxb2DQAAAI0AAAAB&google_nid=index&google_push=AehlK4AmroTVAuyK5DY5LeODb7WuOcJF4sFvbMRxnK7cecJtBXy9TQxvlsq1TYPAYI4qa1zcfjecN2BgPI9jSLPVbnKj5y7ZnMdGRxge6kUu6Tv6vgFdnhA-isl1XWFCJVpp0JWgnXJmG8l5f6h9gJRw3GU

Request Chain 180

https://cc.adingo.jp/adx/push/?google_gid=CAESEOF0YpShe-JLxtKSRfEYaM8&google_cver=1&google_push=AehlK4ComzSv4Z-_6Huo9-OiUz-uv5mE6VI4FB9BKQcycHRd69keB4Av1-62YZOB4661WjjZQAJNbWHyXjPPuXFpdu5jwCZQjitVAB7ntzoaGItK9_qKAF9H4WMz6C-zWb9lzYGupMNVh90V685b46ac8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4ComzSv4Z-_6Huo9-OiUz-uv5mE6VI4FB9BKQcycHRd69keB4Av1-62YZOB4661WjjZQAJNbWHyXjPPuXFpdu5jwCZQjitVAB7ntzoaGItK9_qKAF9H4WMz6C-zWb9lzYGupMNVh90V685b46ac8w&google_hm=6fcb77c2f4e5baccf6b68df624a773c9

Request Chain 184

https://fw.adsafeprotected.com/rfw/st/862982/60435755/4.js?ias_dspID=3&ias_campId=1008192749&ias_pubId=&ias_chanId=1&ias_placementId=17655690690&bidurl=https://grainwiz.com/&ias_dealId=&adContainerId=brand_safety_LIv2YsmQGdiToPwP69OxyAc&cbFunctionName=goog_wrapCb_LIv2YsmQGdiToPwP69OxyAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgrainwiz.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgrainwiz.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3289772909469903%26output%3Dhtml%26h%3D250%26slotname%3D2523670142%26adk%3D2105413356%26adf%3D3532071676%26pi%3Dt.ma~as.2523670142%26w%3D320%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1660324651%26rafmt%3D1%26psa%3D0%26format%3D320x250%26url%3Dhttps%253A%252F%252Fgrainwiz.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1660324651172%26bpp%3D1%26bdt%3D875%26idt%3D378%26shv%3Dr20220810%26mjsv%3Dm202208080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C640x280%26nras%3D1%26correlator%3D4676881738418%26frm%3D20%26pv%3D1%26ga_vid%3D77948574.1660324651%26ga_sid%3D1660324651%26ga_hid%3D254027359%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D960%26ady%3D1049%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31068486%26oid%3D2%26pvsid%3D1553051046220710%26tmod%3D1107984646%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DDQO5nyIowM%26p%3Dhttps%253A%2F%2Fgrainwiz.com%26dtd%3D387&adsafe_type=bd&adsafe_jsinfo=,id:fc04aa6e-6007-672f-b9f9-77c7c7ba5d77,c:l68pFK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57744db7bf-2klsv,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:nissan1,mtim:3,mot:0,app:0,maw:0,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:26,oid:a6cec81e-1a62-11ed-821c-e24f7401da14,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

210 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
grainwiz.com/
Redirect Chain

http://grainwiz.com/
https://grainwiz.com/

56 KB
57 KB

687ms
628ms

Document
text/html

52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://grainwiz.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d03e906db303d7268f0c19c8b4c1d398fb3c6f2e37985b98522e8936effaa0bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private
content-length: 57839
content-type: text/html; charset=utf-8
date: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

Content-Length: 144
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Aug 2022 17:17:28 GMT
Location: https://grainwiz.com/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 css-bundle
grainwiz.com/Content/css/ 233 KB
234 KB 47ms
45ms Stylesheet
text/css 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/Content/css/css-bundle?v=zvs5dskpHQUWAkZRJgtq4x3PL-SeJcOS3i3YH2P1_dM1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8e4625a989c407c7d061123f2904489aeaa9a106c159639f411a02f7d7003f3c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 238969
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 less-bundle
grainwiz.com/Content/css/ 355 KB
356 KB 98ms
97ms Stylesheet
text/css 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af64d5a25bc4dc089ed55d8639deb40b0e03fd7ea3837f76561c18b4869064a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 363897
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1011 B 102ms
38ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 17:15:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 12 Aug 2022 17:17:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Aug 2022 17:17:30 GMT

GET
H2 200 modernizr Show response
grainwiz.com/bundles/ 11 KB
11 KB 101ms
100ms Script
text/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 10999
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 jquery Show response
grainwiz.com/bundles/ 91 KB
91 KB 102ms
101ms Script
text/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/bundles/jquery?v=M6dmVkrHVhoZ1gfOtvVDZbgBcQTsbWxoLsRizcGkbPk1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef1ee418f6658e208bbda398f6216ac78dc40cc5577e1b91347334d5a19dca29

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 93072
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H/1.1 200
OK VisitorAPI.js Show response
www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/ 26 KB
11 KB 196ms
26ms Script
application/javascript 23.4.225.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.4.225.174 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-4-225-174.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9c7808f8e99aabb6e8f7295faf5e96fcb7386052fa4a7ffe7d7400479d811859

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bnc.ca .nbc.ca;
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' *.bnc.ca *.nbc.ca;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Aug 2022 16:36:17 GMT
Server: Apache
ETag: "69aa-5e60de1a0b425-gzip"
Strict-Transport-Security: max-age=63072000;
Content-Type: application/javascript
Date: Fri, 12 Aug 2022 17:17:30 GMT
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 10596

GET
H/1.1 200
OK AppMeasurement.js Show response
www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/ 57 KB
18 KB 197ms
26ms Script
application/javascript 23.4.225.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/AppMeasurement.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.4.225.174 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-4-225-174.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d12a0d30f346e809bdceea8650532c61412880392c78634330350133ca69b58b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bnc.ca .nbc.ca;
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' *.bnc.ca *.nbc.ca;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Aug 2022 16:36:59 GMT
Server: Apache
ETag: "e361-5e60de4196587-gzip"
Strict-Transport-Security: max-age=63072000;
Content-Type: application/javascript
Date: Fri, 12 Aug 2022 17:17:30 GMT
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 18225

GET
H2 200 logo.png
grainwiz.com/Content/Images/ 7 KB
7 KB 89ms
81ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/logo.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb5ce95a59108f2da0501c20badc541998f08d37cda9f04d6eba98fe756dc1e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 7482
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 rss.png
grainwiz.com/Content/Images/ 667 B
716 B 83ms
75ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/rss.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6687520767fc35bf586668008e8e57801d074a4ee2bf2931d8a70031682c7bd3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 667
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icon-facebook.png
grainwiz.com/Content/Images/ 1 KB
1 KB 83ms
76ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/icon-facebook.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07c319f47f8d665899edb357df0c7be079284bc0db311346a748bfc44ce96ede

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1106
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icon-twitter.png
grainwiz.com/Content/Images/ 1 KB
1 KB 88ms
80ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/icon-twitter.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10003fc797dff0e2fb4886aebde4ec0f03d92bcf1909622180d6a015c93e746a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1286
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icon_maison.png
grainwiz.com/Content/Images/Icons/ 1 KB
1 KB 91ms
83ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/Icons/icon_maison.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a6e975d159b4b266bb809f17c1a30d0c50227bc09366bd5390af6d7ba70a78da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1151
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 print.css
grainwiz.com/Content/Css/ 258 B
308 B 115ms
111ms Stylesheet
text/css 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/Content/Css/print.css
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49ad6c529a7a5a4f6c65be2d5cd7945e54d8cad056813602d7e1afa101064a0f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: text/css
accept-ranges: bytes
content-length: 258
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 AdobeStock_10988145-3_300.jpg
grainwiz.com/Content/Upload/ 114 KB
115 KB 91ms
84ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/AdobeStock_10988145-3_300.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6b35b609dd897393a89bd4136038edee6f283fb0cc9b2892552e132db410b48b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Thu, 11 Aug 2022 21:23:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "235bee88c8add81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 117138
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 BN_2D_4c.jpg
grainwiz.com/Content/Upload/ 40 KB
40 KB 94ms
86ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/BN_2D_4c.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9999b9970937a55eca193aa7702cebaf1609a2483b22fed806c662860dafc1a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 07 Dec 2018 22:12:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9081a1e9798ed41:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 40966
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 logo%20TGCQ_horizon_sans%20edition.jpg
grainwiz.com/Content/Upload/ 29 KB
29 KB 100ms
92ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/logo%20TGCQ_horizon_sans%20edition.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e7a765f95812ecb3e764f937108a02997cc941adf0d20d214b7155cd0ecd3b75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 24 Mar 2017 23:40:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8215b81f8a4d21:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 29428
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 log.png
grainwiz.com/Content/Upload/ 55 KB
55 KB 103ms
95ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/log.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c6b72be229813abf6b465a8472cc41824b43cc751a7b827809a123e9747c2c05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Wed, 16 Jan 2019 01:15:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de44aee938add41:0"
content-type: image/png
accept-ranges: bytes
content-length: 55852
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 sun.png
grainwiz.com/Content/Images/ 692 B
733 B 99ms
92ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/sun.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c79a666ff40092caed60c0407c8b199b508fbff2db871f34d53e09cec313816d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 692
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 Richardson-Logo.png
grainwiz.com/Content/Upload/ 25 KB
26 KB 101ms
94ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/Richardson-Logo.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44c007b8b6a670abccbeab1d59c5cdef3a388c78264fb7bea0d7fddd0624ff6a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 24 Mar 2017 22:11:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d777e5a0eba4d21:0"
content-type: image/png
accept-ranges: bytes
content-length: 26024
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 Entreprise_lafrance_coul-1.jpg
grainwiz.com/Content/Upload/ 124 KB
125 KB 103ms
97ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/Entreprise_lafrance_coul-1.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cfb15551a7419ed5078cc0a979872f359c71ad7179471fc6e2d9a8c72a457c0a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Tue, 10 Jul 2018 16:22:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ccc268286a18d41:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 127363
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 logo-calendrier.png
grainwiz.com/Content/Images/ 2 KB
2 KB 116ms
110ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/logo-calendrier.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5f8fd19c8c5b2af3b0dc9d27698c7df62781461c530aab8477d7191ec6c09788

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1845
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 embed.js Show response
dashboard.time.ly/js/ 209 B
672 B 284ms
88ms Script
application/javascript 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.time.ly/js/embed.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

39c5d987dbe039c6bb433ddd30073f9305fd45b4cee59f8b791e6c014dd37c1c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 16:17:32 GMT
server: nginx
etag: W/"62f1371c-d1"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 banniere-nouvelles.png
grainwiz.com/Content/Images/ 4 KB
4 KB 118ms
111ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/banniere-nouvelles.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a7576f279ff8ab6c3da0eec3cb53a07b71166ceccc21ba428711cfb3fe319d05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 3698
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 61
grainwiz.com/meteo/image/ 56 KB
57 KB 138ms
131ms Image
image/gif 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/meteo/image/61
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aef46ba347c06ad90d5ce01277840b35948a66159a0ac4c90ec1d3168deb5aa0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:30 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
content-length: 57844
expires: -1

GET
H2 200 carte-commercants.jpg
grainwiz.com/Content/Images/ 18 KB
18 KB 106ms
99ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/carte-commercants.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 68aaa339b88a6730f0b6ff02d231d5d3dc64731cc15136b0b3569573e8308328

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 18561
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icon-contributeurs.png
grainwiz.com/Content/Images/ 1 KB
1 KB 106ms
100ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/icon-contributeurs.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44ecb7493dbbc375188648d34b1b3c66d4985a73c1ac8590011a1fedc062ae41

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1119
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 grainwiz.png
grainwiz.com/Content/Images/Contributors/ 4 KB
4 KB 107ms
101ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/Contributors/grainwiz.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 83eed0736c5f05f6f59db5203ac8d325b047b9ec34479f05417d92d6093b29a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 4086
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 RJO.png
grainwiz.com/Content/Upload/ 4 KB
4 KB 108ms
102ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/RJO.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d6321a89dedbc881047d17987ace671223affed5133a41ddffd9e36b0ff58cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 24 Mar 2017 22:11:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b226a4a0eba4d21:0"
content-type: image/png
accept-ranges: bytes
content-length: 3791
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 Dollarphotoclub_94717183-1.png
grainwiz.com/Content/Upload/ 2 MB
2 MB 118ms
112ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/Dollarphotoclub_94717183-1.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9e8d8702068db672f2aa99fb189b3e3697328b7545096b31b6deb8fe59911210

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sat, 25 Mar 2017 00:23:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c1a25f6fda4d21:0"
content-type: image/png
accept-ranges: bytes
content-length: 2111706
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 Podcasts%20Agricoles%20Transparent.PNG
grainwiz.com/Content/Upload/ 143 KB
143 KB 110ms
104ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/Podcasts%20Agricoles%20Transparent.PNG
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 560303e7d056045cc03ab878f71b013e6abe91ddb23f526485b66c4ed3ec455a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sat, 19 Feb 2022 12:32:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d7d20c08c25d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 146309
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 IMG_2859.jpg
grainwiz.com/Content/Upload/ 2 MB
2 MB 151ms
146ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/IMG_2859.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 59ad41a614fdffcbcddaefa3b42a6b93526f7d4a9780ec2f7b35091ac9bb59e2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 17 Aug 2018 14:13:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "cd872f783436d41:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2008982
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 Shaw1email%20-%20Version%203-2.jpg
grainwiz.com/Content/Upload/ 92 KB
92 KB 108ms
103ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Upload/Shaw1email%20-%20Version%203-2.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: daab7e2668e7de6a47bf0b5bad0fc0a10daffe725a6d458d5440f38f4aab8259

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 24 Mar 2017 22:11:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "bcd5948ceba4d21:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 94436
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icons8-facebook-48.png
www.grainwiz.com/Content/Images/Icons/footer/ 460 B
541 B 384ms
280ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grainwiz.com/Content/Images/Icons/footer/icons8-facebook-48.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 856d449b541105219c13a28db9933d3f26f2142d9e58593671b21d9a84f1d05a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 16 Dec 2018 21:29:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "42be46618695d41:0"
content-type: image/png
accept-ranges: bytes
content-length: 460
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icons8-twitter-48.png
www.grainwiz.com/Content/Images/Icons/footer/ 808 B
888 B 383ms
279ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grainwiz.com/Content/Images/Icons/footer/icons8-twitter-48.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ddabc4152720fd26d4507a1e4a2d0f486978386e0dffa968ddb5d31adf0b633

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 16 Dec 2018 21:25:05 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "868812d08595d41:0"
content-type: image/png
accept-ranges: bytes
content-length: 808
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 icons8-secured-letter-48.png
www.grainwiz.com/Content/Images/Icons/footer/ 859 B
967 B 382ms
278ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grainwiz.com/Content/Images/Icons/footer/icons8-secured-letter-48.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c9ad7ee4e2f85b083f1fb5aa15242dec537bdfff2c21cc62f08f5e54c742a5bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 16 Dec 2018 21:26:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "cfede7138695d41:0"
content-type: image/png
accept-ranges: bytes
content-length: 859
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 cmegroup-logo.png
www.grainwiz.com/Content/Images/icons/ 8 KB
8 KB 384ms
280ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.grainwiz.com/Content/Images/icons/cmegroup-logo.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a4d7b52eeb5960f2883f8eeb0a863141f5d835d3e26df146dd1773272426db98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sat, 30 Dec 2017 14:16:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "689d2ac97881d31:0"
content-type: image/png
accept-ranges: bytes
content-length: 8154
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 libs Show response
grainwiz.com/bundles/ 646 KB
646 KB 33ms
32ms Script
text/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/bundles/libs?v=K3Xuig6PttC86sRmQBXa8I34pUmxmJq6B7nQ_mvjhGA1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 634787dcbca83f18751bc5ae0378ef7fdce3a5674624441b2c67b47541067998

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 661157
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 tinymce.min.js Show response
grainwiz.com/Content/Scripts/tinymce/ 272 KB
92 KB 72ms
63ms Script
application/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/Content/Scripts/tinymce/tinymce.min.js
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d45e7ef2e0220f1c61197c20c33ec8652e0dc6a753ef49437b5ee637f3fcbea4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: gzip
etag: "0374d37e020d81:0"
last-modified: Sun, 13 Feb 2022 13:47:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 94040
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 globalize.culture.fr-CA.js Show response
grainwiz.com/Content/Scripts/jquery/globalize/cultures/ 2 KB
2 KB 76ms
67ms Script
application/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/Content/Scripts/jquery/globalize/cultures/globalize.culture.fr-CA.js
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dca663d76b688d67e57975b970fbd786b7159dbf91ac4feff8ce4ce80416b4a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: application/javascript
accept-ranges: bytes
content-length: 1906
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 61ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
Origin: https://grainwiz.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 177480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6451
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57aWwbSg%2FXpU4G4PZGvsjVw5kI%2BqUEvje5l4%2BkMB%2BoDs0kYFy3kG31STJtqPABnIcbm%2FsQay5dpacg41i9UAjxKEhRLaaDAX1%2FQZZAZUrl759XDQNdpYonCj%2BTgypq8%2FKNzcsCRmQIU3AZ4LZBx%2F4QJs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 739add6a1b9d7156-YUL
expires: Wed, 02 Aug 2023 17:17:30 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 74ms
31ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
Origin: https://grainwiz.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 845
age: 366519
cdn-cachedat: 07/13/2022 17:30:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"67176c242e1bdc20603c878dee836df3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e5bec6a6d2024458cd0eb5afdadaeaa0
cf-ray: 739add6a1a82713e-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
56 KB 117ms
53ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3289772909469903

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5217d3ee7f2c6f03a62436a6278d72c4494279a42006ea7eb188598ee3d61c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grainwiz.com/
Origin: https://grainwiz.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57238
x-xss-protection: 0
server: cafe
etag: 17775031971440960083
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 17:17:30 GMT

GET
H2 200 cyprexjs Show response
grainwiz.com/bundles/ 16 KB
17 KB 90ms
82ms Script
text/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/bundles/cyprexjs?v=Ey6QESygOmwrpHvZ9LidNVxWVatMF6zIIxpXHR-OOls1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dfbaddc502250e4498ac7abcf93d6c1c429d958aeabc77e21953a29985519341

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 16862
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 basecalculation Show response
grainwiz.com/bundles/ 98 KB
99 KB 79ms
70ms Script
text/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/bundles/basecalculation?v=hqcDdftkMBMQXw5H_UVWzK1Ysgb1VCD-QjbFTnDmOkA1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 07e47eb1574ade22717f46f70ee505f5336465030efececa379f2f08f7c749b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 100825
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 dashboard Show response
grainwiz.com/bundles/ 101 KB
101 KB 85ms
76ms Script
text/javascript 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/bundles/dashboard?v=WhJQMmf-S0eAG83cZrQVs5euNaa3cKwjXOyoA7-h8vw1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3bb05ac6dc0543527909bf8c4431d3495a5009816ca74e64e7572e4ae9696c61

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Fri, 12 Aug 2022 17:17:30 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 103114
expires: Sat, 12 Aug 2023 17:17:30 GMT

GET
H2 200 bg_iStock_000004323586.jpg
grainwiz.com/Content/Images/ 413 KB
413 KB 28ms
28ms Image
image/jpeg 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/bg_iStock_000004323586.jpg
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 646cf227054240548b28e93d538f780a7a639ccea08a6fefe6e082c098420a29

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 422844
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 124ms
34ms XHR
application/json 54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=1.10.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1E24776A524450D90A490D44%40AdobeOrg&d_nsid=0&ts=1660324650524

Requested by

Host: www.bnc.ca
URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

7bd94899742fe20aed702296fa131f8aa99e20955319776620567062349a341c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-2-v038-0558056b7.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: rI0qiE+jSho=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://grainwiz.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1637
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 83ms
19ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grainwiz.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 10:20:51 GMT
x-content-type-options: nosniff
age: 284199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 10:20:51 GMT

GET
H/1.1 200
OK dest5.html Show response
nationalbankofcanada.demdex.net/ Frame 3DDF 7 KB
3 KB 157ms
29ms Document
text/html 54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: www.bnc.ca
URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-2-v038-0a833101a.edge-va6.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MV1lBKtcTEI=
content-encoding: gzip
date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Wed, 3 Aug 2022 12:17:30 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
nationalbankofcanada.d2.sc.omtrdc.net/ 2 B
265 B 115ms
35ms XHR
application/x-javascript 63.140.38.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nationalbankofcanada.d2.sc.omtrdc.net/id?d_visid_ver=1.10.0&d_fieldgroup=A&mcorgid=1E24776A524450D90A490D44%40AdobeOrg&mid=75443738351864418054313978897078894203&ts=1660324650815

Requested by

Host: www.bnc.ca
URL: https://www.bnc.ca/content/dam/bnc/fr/outils/adobeanalytics/VisitorAPI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.117 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-117.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://grainwiz.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YvaLKgAAAJ6mvgNz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=70142489505481542813619428153785939871
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvaLKgAAAJ6mvgNz

42 B
940 B

29ms
29ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvaLKgAAAJ6mvgNz

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-08a91816e.edge-va6.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: PWBCp9p0TjY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvaLKgAAAJ6mvgNz
Date: Fri, 12 Aug 2022 17:17:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 bg-partenaires.png
grainwiz.com/Content/Images/ 998 B
1 KB 83ms
82ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/bg-partenaires.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 539067c6cc4f1b6196b8b5f5fd524cae861ec45de5079a6f246305576f7ba057

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 998
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 bg-calendrier.png
grainwiz.com/Content/Images/ 1001 B
1 KB 83ms
82ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/bg-calendrier.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82550845c6fff872fe8b14cc19ea7f7bf4551412224aa262d091b26a21dad63d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1001
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 embedCalendar.js Show response
dashboard.time.ly/js/ 6 KB
3 KB 88ms
88ms Script
application/javascript 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.time.ly/js/embedCalendar.js?v=0.11.84

Requested by

Host: dashboard.time.ly
URL: https://dashboard.time.ly/js/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a52e81725f7086f0536b8ffa8426362a5a14ec3e1c6554dae3424828559d6883

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 16:16:45 GMT
server: nginx
etag: W/"62f136ed-189a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Auth-Token,X-CustomHeader,X-Mx-ReqToken,X-Requested-With

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 113ms
17ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D23) /
Resource Hash: 71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Content-Encoding: gzip
Age: 192
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29203
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 21:01:21 GMT
Server: ECS (nyb/1D23)
Etag: "2db8c3ce16d9541818f0d180a9ea89b1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 bg-nouvelles.png
grainwiz.com/Content/Images/ 990 B
1 KB 37ms
36ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/bg-nouvelles.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bad50f3f6e46248680672883253594e60d609074c57cdc552fcd4b41fb21e2d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 990
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 puce.png
grainwiz.com/Content/Images/ 1 KB
1 KB 31ms
30ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/puce.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ee90c47e19befb7ada80b49fb24cbf39da452d32ec60bff99baf63ea257f808

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1188
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 bg-twitter.png
grainwiz.com/Content/Images/ 991 B
1 KB 35ms
35ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/bg-twitter.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d83861d426ae115a195853ee1b98d6755038a4836949cf3153ddc5dae29abef6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 991
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 bg-footer.png
grainwiz.com/Content/Images/ 1 KB
1 KB 28ms
27ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/bg-footer.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e2959c2e7d430fd57517dc460af066bedc099ee9d0dc85cfedc357b809c000a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/Content/css/less-bundle?v=jchT4Z5afHfYUJmbYW2gf8ZZA-a6UlQ4WkT29rrp2eE1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:30 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 1182
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
22ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 910
date: Fri, 12 Aug 2022 17:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Aug 2022 19:02:21 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 75ms
19ms Script
application/x-javascript 2606:2800:11f:17a5:191a:18d5:537:22f9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/79DC) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 416
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (nya/79DC)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8d9cc51f-f01e-0041-7c6e-aeb091000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 12 Aug 2022 17:47:31 GMT

POST
H2 200 data Show response
grainwiz.com/basecalculation/ 1 KB
1 KB 39ms
39ms XHR
application/json 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/basecalculation/data
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/bundles/basecalculation?v=hqcDdftkMBMQXw5H_UVWzK1Ysgb1VCD-QjbFTnDmOkA1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: db97d7c393aa5e4bd5eaeed2270dc4e8886d8255fd7f7225610dffd6c311a215

Request headers

Accept: application/json, text/plain, */*
Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
cache-control: private
content-length: 1257

POST
H2 200 data Show response
grainwiz.com/dashboard/ 928 B
968 B 31ms
30ms XHR
application/json 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/dashboard/data
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/bundles/dashboard?v=WhJQMmf-S0eAG83cZrQVs5euNaa3cKwjXOyoA7-h8vw1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5d9b7e765b7d070b9b53b62562c5b05201dbce113bf2301366163d5dd44e7cb

Request headers

Accept: application/json, text/plain, */*
Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
cache-control: private
content-length: 928

GET
H2 200 ds4.aspx Show response
grainwiz.com//marketdata/ds/gw/ 150 B
262 B 128ms
128ms XHR
text/html 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com//marketdata/ds/gw/ds4.aspx
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/bundles/dashboard?v=WhJQMmf-S0eAG83cZrQVs5euNaa3cKwjXOyoA7-h8vw1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0560bf8bc327fef92bafc9d026eb84d2e26410c2aa1a212be8402f536360b4c6

Request headers

Accept: application/json, text/plain, */*
Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
x-aspnetmvc-version: 5.2
last-modified: Fri, 12 Aug 2022 17:17:31 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html
cache-control: public, max-age=1
content-length: 150
expires: Fri, 12 Aug 2022 17:17:32 GMT

GET
H2 200 s36407443722697
nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcapartner-sites/1/JS-1.7.0/ 43 B
223 B 26ms
26ms Image
image/gif 63.140.38.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcapartner-sites/1/JS-1.7.0/s36407443722697?AQB=1&ndh=1&pf=1&t=12%2F7%2F2022%2017%3A17%3A31%205%200&mid=75443738351864418054313978897078894203&aamlh=7&ce=UTF-8&g=https%3A%2F%2Fgrainwiz.com%2F&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c11=1%3A00pm&v11=D%3Dc11&c12=friday&v12=D%3Dc12&v70=grainwiz.com&c75=75443738351864418054313978897078894203&v75=75443738351864418054313978897078894203&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.117 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-117.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 17:17:31 GMT
server: jag
etag: 3565520040377221120-4619673576538079859
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: image/gif;charset=utf-8
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11 Aug 2022 17:17:31 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 340 KB
120 KB 105ms
65ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3289772909469903

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34c44ae8f460289be138ea47a1208041407a96af49b883a67dc6ef9a2509d0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122746
x-xss-protection: 0
server: cafe
etag: 6364659919277578310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 17:17:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame DEFC 10 KB
5 KB 66ms
19ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3289772909469903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 26070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 10:03:01 GMT
etag: 8616628553774171045
expires: Fri, 26 Aug 2022 10:03:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ds6.aspx Show response
grainwiz.com/marketdata/ds/gw/ 1 KB
1 KB 79ms
79ms XHR
text/html 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/marketdata/ds/gw/ds6.aspx?ticker=ZCU2022,ZSU2022,ZWU2022,HEV2022,LEV2022,D6U2022
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/bundles/dashboard?v=WhJQMmf-S0eAG83cZrQVs5euNaa3cKwjXOyoA7-h8vw1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebb781830c811c336a6abc3edcfd58ef77338b51231de042830fd3767b406c82

Request headers

Accept: application/json, text/plain, */*
Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
x-aspnetmvc-version: 5.2
last-modified: Fri, 12 Aug 2022 17:17:31 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *
content-type: text/html
cache-control: public, max-age=1
content-length: 1057
expires: Fri, 12 Aug 2022 17:17:32 GMT

GET
H2 200 alert.png
grainwiz.com/Content/Images/ 562 B
603 B 27ms
27ms Image
image/png 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/Content/Images/alert.png
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b82ede4c2ea1c01332bcff3a29babdf31e6bcc7d603920f83a6f6034bbfde46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
last-modified: Sun, 13 Feb 2022 13:47:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a1c36e020d81:0"
content-type: image/png
accept-ranges: bytes
content-length: 562
expires: Sun, 29 Mar 2020 00:00:00 GMT

GET
H2 200 pncc99g Show response
events.time.ly/ Frame 34DC 8 KB
4 KB 155ms
147ms Document
text/html 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050

Requested by

Host: dashboard.time.ly
URL: https://dashboard.time.ly/js/embedCalendar.js?v=0.11.84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b2064d3dbb9f3c86615749674f615191019e26b858d1fd36400c16f8557f1b98

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Auth-Token,X-CustomHeader,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 17:17:31 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H/1.1 200
OK widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html Show response
platform.twitter.com/widgets/ Frame 1D52 320 KB
104 KB 18ms
18ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fgrainwiz.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0E) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 52692
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Aug 2022 17:17:31 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Wed, 03 Aug 2022 20:59:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 73ms
32ms XHR
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=254027359&t=pageview&_s=1&dl=https%3A%2F%2Fgrainwiz.com%2F&ul=en-us&de=UTF-8&dt=Actualit%C3%A9%20et%20analyse%20du%20march%C3%A9%20des%20grains&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=2009378976&gjid=999184518&cid=77948574.1660324651&tid=UA-6932165-2&_gid=619980555.1660324651&_r=1&_slc=1&z=1388620434

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://grainwiz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 72ms
34ms XHR
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=254027359&t=pageview&_s=1&dl=https%3A%2F%2Fgrainwiz.com%2F&ul=en-us&de=UTF-8&dt=Actualit%C3%A9%20et%20analyse%20du%20march%C3%A9%20des%20grains&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=364278349&gjid=235182675&cid=77948574.1660324651&tid=UA-6932165-1&_gid=619980555.1660324651&_r=1&_slc=1&z=2043098818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://grainwiz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 saveunits Show response
grainwiz.com/dashboard/ 4 B
42 B 28ms
28ms XHR
application/json 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://grainwiz.com/dashboard/saveunits
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://grainwiz.com/
Request-Id: |LL6c6.KPu0W
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
cache-control: private
content-length: 4

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEHXPLnId5x3ckjJSujPUx2E&google_cver=1
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzAxNDI0ODk1MDU0ODE1NDI4MTM2MTk0MjgxNTM3ODU5Mzk4NzE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzAxNDI0ODk1MDU0ODE1NDI4MTM2MTk0MjgxNTM3ODU5Mzk4NzE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHXPLnId5x3ckjJSujPUx2E&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

45ms
44ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHXPLnId5x3ckjJSujPUx2E&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-0d8ae8c88.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OnHPy7qSSZg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHXPLnId5x3ckjJSujPUx2E&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
696 B 85ms
34ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=grainwiz.com&callback=_gfp_s_&client=ca-pub-3289772909469903&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

a791b036f035c95e4d359ec4db11cc5fc6946788dcf4731891a77a84efde0b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 118ms
38ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=grainwiz.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 93ms
40ms Script
application/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grainwiz.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51F0 0
19 B 132ms
91ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&adk=1812271804&adf=3025194257&lmt=1660324651&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgrainwiz.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651161&bpp=6&bdt=865&idt=317&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4676881738418&frm=20&pv=2&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 17:17:31 GMT
expires: Fri, 12 Aug 2022 17:17:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1D52 512 B
519 B 153ms
54ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=76efe5ebaceb5d76424398f216b7db0713ffbe80

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fgrainwiz.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

7a304c3e59405b2d9f573db90b5086b3e892167b187cfd03165aa1e3c4ccc030

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 7
date: Fri, 12 Aug 2022 17:17:30 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 17:17:31 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 997a5f2f24c895b7d50c630311d736afbc0278bfde4256903a8c9225d068322a
content-length: 240

GET
H/1.1

200
OK

ibs:dpid=992&dpuuid=1cudwx74gsswb
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=70142489505481542813619428153785939871
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1cudwx74gsswb

42 B
940 B

37ms
31ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=992&dpuuid=1cudwx74gsswb

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-0b0710250.edge-va6.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: dmvWXr1jQ/M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://dpm.demdex.net/ibs:dpid=992&dpuuid=1cudwx74gsswb
cache-control: no-cache
cf-ray: 739add708a15ece2-YUL
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6304 80 KB
29 KB 688ms
680ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=280&slotname=1627126101&adk=2258360673&adf=2733775641&pi=t.ma~as.1627126101&w=640&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgrainwiz.com%2F&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651167&bpp=4&bdt=871&idt=360&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P5gADkDtlp&p=https%3A//grainwiz.com&dtd=367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61475581cf6ab82b4d9791f8c645e69a627668dd8e52818cd47b91cd7211cb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30062
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 17:17:32 GMT
expires: Fri, 12 Aug 2022 17:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 91ms
32ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6932165-2&cid=77948574.1660324651&jid=2009378976&gjid=999184518&_gid=619980555.1660324651&_u=IEDAAEAAAAAAAC~&z=2125955941

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Aug 2022 17:17:31 GMT
content-type: text/plain
access-control-allow-origin: https://grainwiz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 91ms
34ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6932165-1&cid=77948574.1660324651&jid=364278349&gjid=235182675&_gid=619980555.1660324651&_u=IEDAAEABAAAAAC~&z=1235343012

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Aug 2022 17:17:31 GMT
content-type: text/plain
access-control-allow-origin: https://grainwiz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B46F 21 KB
10 KB 752ms
752ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96db8ef4732bc17a5078036abed6c7ad1c76907df0cb366a2263b600272efb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 17:17:32 GMT
expires: Fri, 12 Aug 2022 17:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 theme.css
events.time.ly/pncc99g/ Frame 34DC 180 KB
23 KB 184ms
177ms Stylesheet
text/css 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.time.ly/pncc99g/theme.css?themeId=416927

Requested by

Host: events.time.ly
URL: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c8ec17603e3e27d88581f0464a7c2a62f278751b66243aac8b99d820faaf03f9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Auth-Token,X-CustomHeader,X-Mx-ReqToken,X-Requested-With

GET
H2 200 require.js Show response
events.time.ly/calendar/js/lib/ Frame 34DC 17 KB
7 KB 94ms
88ms Script
application/javascript 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.time.ly/calendar/js/lib/require.js?v=0.11.84

Requested by

Host: events.time.ly
URL: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6b7e43ffe66d56470e72454e42176805a059221b74a9f9e2af80c9b71cd8bfe3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 16:16:47 GMT
server: nginx
etag: W/"62f136ef-45ec"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Auth-Token,X-CustomHeader,X-Mx-ReqToken,X-Requested-With

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 34DC 353 KB
114 KB 128ms
35ms Script
application/javascript 104.77.220.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: events.time.ly
URL: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.151 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-151.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Fri, 12 Aug 2022 17:17:31 GMT
x-host: s7.addthis.com
content-length: 116323

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 3DDF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESENVk-D5STpcSxwJ36704UAQ&google_cver=1
https://pixel.everesttech.net/1x1

128 B
691 B

28ms
27ms

Image
image/png

3.83.73.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 3.83.73.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 12 Aug 2022 17:17:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 3DDF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEN...
https://pixel.everesttech.net/1x1

128 B
796 B

25ms
23ms

Image
image/png

3.83.73.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 3.83.73.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 12 Aug 2022 17:17:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 3DDF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

24ms
22ms

Image
image/png

3.83.73.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 3.83.73.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 12 Aug 2022 17:17:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 3DDF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

27ms
26ms

Image
image/png

3.83.73.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 3.83.73.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 12 Aug 2022 17:17:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 3DDF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

24ms
23ms

Image
image/png

3.83.73.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 3.83.73.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 12 Aug 2022 17:17:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=1CD7CC1AC3E06B5B083FDDE4C2CA6A22
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://c.bing.com/c.gif?uid=70142489505481542813619428153785939871&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1CD7CC1AC3E06B5B083FDDE4C2CA6A22

42 B
940 B

44ms
32ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1CD7CC1AC3E06B5B083FDDE4C2CA6A22

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v038-063f53717.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TeXYopB9RBY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF380111773846ED9E2B86975034732C Ref B: YTO01EDGE0410 Ref C: 2022-08-12T17:17:31Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1CD7CC1AC3E06B5B083FDDE4C2CA6A22
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 3DDF
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXZhTEtnQUFBSjZtdmdOeg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

26ms
25ms

Image
image/png

3.83.73.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 3.83.73.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-73-204.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 12 Aug 2022 17:17:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=70142489505481542813619428153785939871&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=70142489505481542813619428153785939871&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
958 B

29ms
27ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-0039afc87.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: l/lPUGtASV0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Fri, 12 Aug 2022 17:17:31 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=-3660949792850097997
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=70142489505481542813619428153785939871
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-3660949792850097997

42 B
940 B

36ms
35ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=-3660949792850097997

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-0b31cf1cb.edge-va6.demdex.com 9 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hfcldI+CRXw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp9.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=-3660949792850097997
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=70142489505481542813619428153785939871
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=70142489505481542813619428153785939871&rn=1660324650633&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D701424895054815...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=70142489505481542813619428153785939871&rn=1660324650633&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D70142489505481...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70142489505481542813619428153785939871

42 B
940 B

91ms
63ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70142489505481542813619428153785939871

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v038-09b47acc4.edge-va6.demdex.com 8 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bQpvePdGTgo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=70142489505481542813619428153785939871
date: Fri, 12 Aug 2022 17:17:31 GMT
via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
content-length: 0
x-amz-cf-id: c6b4DlaSfKaQxbhP0cfnWBNfe-ArnDo1jZJAmFMtyXgdc82aiQw0Tg==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK moment~timeline.0077362cedfc3f5894ac8f9171c2dfd9.js Show response
platform.twitter.com/js/ 25 KB
8 KB 19ms
18ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.0077362cedfc3f5894ac8f9171c2dfd9.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D23) /
Resource Hash: 5997b2d231bf8e1d62578e8ed7bc0b60e6751c7a87c1762f7e260f65d1bbeb30

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Content-Encoding: gzip
Age: 52692
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 8086
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:06 GMT
Server: ECS (nyb/1D23)
Etag: "de123dc04bbf19def7476a4c0045075f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.55e8262747461cf415fb59f1ac3ec11e.js Show response
platform.twitter.com/js/ 21 KB
7 KB 42ms
22ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.55e8262747461cf415fb59f1ac3ec11e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D23) /
Resource Hash: 7edb913cc2ae8ff20b333bed70a5f70ee8356cd4e0ae04939855a879ab5d5eb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:31 GMT
Content-Encoding: gzip
Age: 52688
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Content-Length: 6582
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:06 GMT
Server: ECS (nyb/1D23)
Etag: "f99606e4608647fe92f8f2be88fe578f+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3DDF
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=70142489505481542813619428153785939871
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=70142489505481542813619428153785939871

0
338 B

81ms
23ms

Image
text/plain

54.163.172.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=70142489505481542813619428153785939871
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Server: 54.163.172.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-172-200.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1660324651
x-served-by: beacon-n009-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=70142489505481542813619428153785939871
date: Fri, 12 Aug 2022 17:17:31 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=1395a95d691ba4c567173bd212527946
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=70142489505481542813619428153785939871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=70142489505481542813619428153785939871?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1395a95d691ba4c567173bd212527946

42 B
940 B

38ms
34ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1395a95d691ba4c567173bd212527946

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v038-063f53717.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: T9zIwuHZQgI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1395a95d691ba4c567173bd212527946
cache-control: no-cache
x-server: 10.40.44.213
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXZhTEtnQUFBSjZtdmdOeg==

170 B
188 B

37ms
37ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXZhTEtnQUFBSjZtdmdOeg==

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660324652.892844,VS0,VE0
x-served-by: cache-yul12824-YUL
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXZhTEtnQUFBSjZtdmdOeg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 130 KB
11 KB 247ms
144ms Script
application/javascript 72.21.91.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_Grainwiz_old&dnt=false&domain=grainwiz.com&lang=fr&screen_name=Grainwiz&suppress_response_codes=true&t=1844805&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.91.70 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

2fc3c0aa5808f7e4d933fc5ad8530632c9f4d10730c45fd10e0750da00fcc216

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=127
content-length: 10960
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 106
last-modified: Fri, 12 Aug 2022 17:17:31 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 46e900c7921c8408fa2d3f82abd544aadf93e5a43982d8f0982059595f6d83a1
timing-allow-origin: *
x-transaction: f3085a288575026d
expires: Fri, 12 Aug 2022 17:22:31 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvaLKgAAAJ6mvgNz&expires=90

42 B
755 B

106ms
24ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvaLKgAAAJ6mvgNz&expires=90
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660324652.927975,VS0,VE0
x-served-by: cache-yul12824-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvaLKgAAAJ6mvgNz&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvaLKgAAAJ6mvgNz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvaLKgAAAJ6mvgNz&C=1

43 B
946 B

76ms
51ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvaLKgAAAJ6mvgNz&C=1
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 739add737e76542b-YYZ
pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNpcEtG31Yx2%2BzP6Rfw63dT0BuCv6FFZKJ61Kx9NqrvAq9kdB6X0MjXjz6BzBrAb7aWABbQecN%2F7gLNQH2ti4T%2Fm912ymaDiD5fhk%2BeR%2Fe8dFClL8NKYbHu92PbxuUKL6MMt5cUjWXlDaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GjzF4VV1FU%2F%2BNazBIxxk%2B%2FEHamjB4GpmO777AwfUjZRf0Xwv3SwBXAT%2BQyL2ZbgUpuEwHuEXCCSA0zvxFxsuGh1NgW0lewzuHepmaRZM4xOwKe6n5jC4VEm4wsynKcqipjd0OlF9sUHoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=YvaLKgAAAJ6mvgNz&C=1
cache-control: no-cache
cf-ray: 739add72f9eda202-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK 167944_phpufhVWE_small.png
timely-api-public.s3.us-west-2.amazonaws.com/ Frame 34DC 45 KB
46 KB 402ms
104ms Image
image/jpeg 52.92.147.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timely-api-public.s3.us-west-2.amazonaws.com/167944_phpufhVWE_small.png
Requested by: Host: events.time.ly
URL: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.147.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee61150ae49092a53d352d8cd975a133b9596bb3cb15316ae97b6439eaf1d9ed

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:33 GMT
Last-Modified: Thu, 13 Dec 2018 12:21:42 GMT
Server: AmazonS3
x-amz-request-id: 72BX3X42QNEAYAS1
ETag: "5de0ce6f2a5fa280fb555a4635ac094a"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 46400
x-amz-id-2: Nutp8XMxstgOiU/Fqsx0r8vA4UTEfz0ciIJAM6FJ6Jk7XQFwvp2JjtltV3cpNClGT86QVKsBaJM=

GET
H2 200 timely.ttf
events.time.ly/fonts/ Frame 34DC 13 KB
13 KB 102ms
88ms Font
application/octet-stream 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.time.ly/fonts/timely.ttf?0.11.84

Requested by

Host: events.time.ly
URL: https://events.time.ly/pncc99g/theme.css?themeId=416927

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a334b6389d9dc474a86d1c0f09595ce7127c56f30d3366f541a172ff3224e3de

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://events.time.ly/pncc99g/theme.css?themeId=416927
Origin: https://events.time.ly
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
last-modified: Wed, 27 Jul 2022 17:12:57 GMT
server: nginx
etag: "62e17219-32fc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
date: Fri, 12 Aug 2022 17:17:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Auth-Token,X-CustomHeader,X-Mx-ReqToken,X-Requested-With
content-length: 13052
accept-ranges: bytes

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame 34DC 2 KB
1 KB 79ms
18ms Script
application/x-javascript 184.29.133.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.133.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-133-169.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 23B28664DCEA9EF7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51122
accept-ranges: bytes
content-length: 948
x-amz-id-2: AySDnc4uRjW9Th6WvSZfrFG03ojfW1Xc9SiULhzo6VNG69N0xYQoufNtgaRAnzXIDkZKs4hiwts=

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 34DC 49 KB
20 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: events.time.ly
URL: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 910
date: Fri, 12 Aug 2022 17:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Aug 2022 19:02:21 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57ffd3b9b2880ed7/ Frame 34DC 2 KB
782 B 222ms
187ms Script
application/javascript 104.77.220.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57ffd3b9b2880ed7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.220.151 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-220-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c544b45e7ad8449c73c69ff2306cf09c4feac428d95ac05a758191d9024627ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
etag: -887042013--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=8, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 606

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ Frame 34DC 102 B
943 B 363ms
135ms Script
application/javascript 104.77.220.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62f68b2b3aba3d6b&bkl=0&bl=1&pdt=221&sid=62f68b2b3aba3d6b&pub=ra-57ffd3b9b2880ed7&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=events.time.ly&dr=grainwiz.com&fp=pncc99g%3Fview%3Dstream%26range%3Ddays%26days%3D7%26notoolbar%3D1%26id%3Dtimely_497925050&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1660324651918&jsl=0&skipb=1&callback=addthis.cbs.jsonp__130012560963963960
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.220.151 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-220-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0159e6c04c1dbc757f226a5c2b4061a54fbf98ddc52cde179009b608ca8d5d09

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 102
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 6EA9 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame E27F 71 KB
26 KB 62ms
61ms Document
text/html 104.77.220.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.151 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-151.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://events.time.ly/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 12 Aug 2022 17:17:31 GMT
etag: W/"5ed917ff-11adc"
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 calendar.js Show response
events.time.ly/calendar/js/ Frame 34DC 186 KB
59 KB 93ms
93ms Script
application/javascript 35.83.53.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.time.ly/calendar/js/calendar.js?v=0.11.84

Requested by

Host: events.time.ly
URL: https://events.time.ly/calendar/js/lib/require.js?v=0.11.84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.83.53.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-83-53-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

21f5ba95d508d21579e0b128dd9f238f8b216449c56b64a01391d58c23567a45

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/pncc99g?view=stream&range=days&days=7&notoolbar=1&id=timely_497925050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:31 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 16:17:32 GMT
server: nginx
etag: W/"62f1371c-2e8b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-security-policy: default-src * data: blob: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; frame-ancestors *;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Auth-Token,X-CustomHeader,X-Mx-ReqToken,X-Requested-With

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YvaLKgAAAJ6mvgNz
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvaLKgAAAJ6mvgNz

43 B
1 KB

58ms
58ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvaLKgAAAJ6mvgNz

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 17:17:32 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 684a6198-d408-4e7a-b5a5-50a667b8428d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 17:17:32 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: bbf9a474-25c7-4e63-b877-c3eb2082337c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvaLKgAAAJ6mvgNz
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvaLKgAAAJ6mvgNz
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YvaLKgAAAJ6mvgNz

43 B
61 B

61ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YvaLKgAAAJ6mvgNz
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YvaLKgAAAJ6mvgNz
date: Fri, 12 Aug 2022 17:17:32 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvaLKgAAAJ6mvgNz

1 B
451 B

82ms
21ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvaLKgAAAJ6mvgNz
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660324652.979952,VS0,VE0
x-served-by: cache-yul12824-YUL
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvaLKgAAAJ6mvgNz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvaLKgAAAJ6mvgNz&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvaLKgAAAJ6mvgNz&img=1&__user_check__=1&sync_id=a6958b90-1a62-11ed-9bd1-183ad5690403

43 B
549 B

31ms
29ms

Image
image/gif

192.35.249.127
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvaLKgAAAJ6mvgNz&img=1&__user_check__=1&sync_id=a6958b90-1a62-11ed-9bd1-183ad5690403
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: HTTP/1.1
Server: 192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 364
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 12 Aug 2022 17:17:32 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YvaLKgAAAJ6mvgNz&img=1&__user_check__=1&sync_id=a6958b90-1a62-11ed-9bd1-183ad5690403
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 313
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 3DDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvaLKgAAAJ6mvgNz&t=2592000&o=0

43 B
572 B

132ms
76ms

Image
image/gif

2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvaLKgAAAJ6mvgNz&t=2592000&o=0

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:17:32 PDT
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: oYsrYSp/AR4LhtTv3qV/kOyQntnFcM9MKDy55PlFx9UTSGWBi0mYFsCr0MIOEf1rjW/yrJL3aCVHOAoUlI0OWg==
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Fri, 12 Aug 2022 10:17:32 PDT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660324652.012915,VS0,VE0
x-served-by: cache-yul12824-YUL
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvaLKgAAAJ6mvgNz&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=275754&dpuuid=AADg3E7F7RYAABBvZGHIRA
dpm.demdex.net/ Frame 3DDF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADg3E7F7RYAABBvZGHIRA?gdpr=0

42 B
940 B

28ms
28ms

Image
image/gif

54.243.94.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADg3E7F7RYAABBvZGHIRA?gdpr=0

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

HTTP/1.1

Server

54.243.94.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-94-111.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nationalbankofcanada.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v038-0d349e098.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: d8YxxTZRSrg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADg3E7F7RYAABBvZGHIRA?gdpr=0
Date: Fri, 12 Aug 2022 17:17:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 2614.png
abs.twimg.com/emoji/v2/72x72/ Frame D5CE 1 KB
1 KB 100ms
21ms Image
image/png 2606:2800:21f:5b71:3e29:d001:be46:4bcc
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2614.png

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:5b71:3e29:d001:be46:4bcc , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/477E) /

Resource Hash

a3f64b268a1207fab3c3ac24b1ebe936605e715356da7fbdbed312ae08834605

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 4823916
x-ton-expected-size: 1058
x-cache: HIT
content-length: 1058
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:31:59 GMT
server: ECAcc (nyb/477E)
etag: "qkADSxxCJdDEmbsqmzTEPw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: aef827ce3cd52dac691c6cecc80f705c166e47cc4ecddb7fe5165848eb26394c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Sat, 12 Aug 2023 17:17:32 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame D5CE 53 KB
12 KB 20ms
20ms Stylesheet
text/css 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:32 GMT
Content-Encoding: gzip
Age: 52693
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:04 GMT
Server: ECS (nyb/1D1A)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 9 KB
9 KB 20ms
20ms Image
text/css 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D1A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 17:17:32 GMT
Content-Encoding: gzip
Age: 52693
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 20:59:04 GMT
Server: ECS (nyb/1D1A)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 QmAJvvOP_normal.jpg
pbs.twimg.com/profile_images/1001187988473200640/ Frame D5CE 2 KB
2 KB 136ms
18ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1001187988473200640/QmAJvvOP_normal.jpg

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D19) /

Resource Hash

3eb5828013a74e1584e007c0f58af7391054301587c61c930a04bfdfbf3834b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 370698
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 1883
x-response-time: 16
surrogate-key: profile_images profile_images/bucket/3 profile_images/1001187988473200640
last-modified: Mon, 28 May 2018 19:44:32 GMT
server: ECS (nyb/1D19)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cb9713eaa58a4aab98c63d5bea468721ee2c87fbce5b406b1135172b46d378c4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZ88WOFXgAERzBP
pbs.twimg.com/media/ Frame D5CE 54 KB
54 KB 137ms
19ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZ88WOFXgAERzBP?format=png&name=360x360

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1C) /

Resource Hash

11b75a0b5fed078ad67bd8e95bdbe78d7ef03844325feac114f0832627339ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 24582
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 55243
x-response-time: 45
surrogate-key: media media/bucket/8 media/1558030348528877569
last-modified: Fri, 12 Aug 2022 09:57:16 GMT
server: ECS (nyb/1D1C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b8b5d870ce9a5b02a82b79bcbcf739d4b5ffaa2365f20c021cc598742784f42d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZ7nYn6VUAEgPxr
pbs.twimg.com/media/ Frame D5CE 32 KB
32 KB 154ms
36ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZ7nYn6VUAEgPxr?format=jpg&name=360x360

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1B) /

Resource Hash

7b771e71a3eef771815d01448136686f2359bcf68c4ef223039ffdb16092a47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 44851
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 32992
x-response-time: 49
surrogate-key: media media/bucket/5 media/1557936931333296129
last-modified: Fri, 12 Aug 2022 03:46:04 GMT
server: ECS (nyb/1D1B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b525a5b2aa8326fc4ba6188b9e77e25ee8f2600be01bae8ddb937a32cb67e0a0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZ6KO5KVsAErFJt
pbs.twimg.com/media/ Frame D5CE 34 KB
35 KB 154ms
37ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZ6KO5KVsAErFJt?format=jpg&name=360x360

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D0F) /

Resource Hash

d4ef5873f1022937376cdd3e3c10e83fbf8ef498619f3d76a5d24935c92b6d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 72986
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 35302
x-response-time: 84
surrogate-key: media media/bucket/5 media/1557834509583757313
last-modified: Thu, 11 Aug 2022 20:59:04 GMT
server: ECS (nyb/1D0F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: af78e5ee13d42787f7be017958739f030cd7c511f0b6e13d80b8c417ce96a904
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZuZNfmaIAgIoQa
pbs.twimg.com/media/ Frame D5CE 13 KB
14 KB 156ms
39ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZuZNfmaIAgIoQa?format=jpg&name=360x360

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D04) /

Resource Hash

d946d57c165c42205d43e24f79dfb66a6cf5c69ff7f20768433dc39bc411c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 270360
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 13757
x-response-time: 38
surrogate-key: media media/bucket/8 media/1557006553286582280
last-modified: Tue, 09 Aug 2022 14:09:04 GMT
server: ECS (nyb/1D04)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ab8d21675ef5d96b746af22a4ef51347194ab4a91d1abc30604c7b987eaed13d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZp2IACX0AIS9Ab
pbs.twimg.com/media/ Frame D5CE 19 KB
20 KB 171ms
54ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZp2IACX0AIS9Ab?format=jpg&name=360x360

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyb/1D1B) /

Resource Hash

1ce6c20a3d64fddcc82ca7399a10dc14d187f732ec5516bb156a2562a807301c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
age: 345623
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 19805
x-response-time: 64
surrogate-key: media media/bucket/9 media/1556686501030907906
last-modified: Mon, 08 Aug 2022 16:57:18 GMT
server: ECS (nyb/1D1B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3e0c005dd7baf7817752d9a83a33fd42a605d272e6a136ca653fb4d10d4e7c5c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame D5CE 44 KB
7 KB 84ms
19ms Stylesheet
text/css 2606:2800:21f:c0ec:d236:5e26:ab36:2d30
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/46CB) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107334
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (nyb/46CB)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: b027d5435b8aa4a6d31a851055ea15d697dc183c9f8a07a7bbc985582e4561c9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 19 Aug 2022 17:17:32 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 86ms
21ms Image
text/css 2606:2800:21f:c0ec:d236:5e26:ab36:2d30
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/46CB) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107334
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (nyb/46CB)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: b027d5435b8aa4a6d31a851055ea15d697dc183c9f8a07a7bbc985582e4561c9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 19 Aug 2022 17:17:32 GMT

GET
DATA 200
OK truncated
/ Frame D5CE 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D5CE 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D5CE 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame D5CE 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame 34DC 263 KB
76 KB 42ms
41ms Script
application/javascript 104.77.220.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.151 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-151.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.time.ly/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 12 Aug 2022 17:17:32 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 css
fonts.googleapis.com/ Frame 6304 4 KB
621 B 85ms
40ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=280&slotname=1627126101&adk=2258360673&adf=2733775641&pi=t.ma~as.1627126101&w=640&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgrainwiz.com%2F&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651167&bpp=4&bdt=871&idt=360&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P5gADkDtlp&p=https%3A//grainwiz.com&dtd=367

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 17:11:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 12 Aug 2022 17:17:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Aug 2022 17:17:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6304 2 KB
982 B 80ms
27ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:15:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 6304 23 KB
10 KB 73ms
21ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:13:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6304 3 KB
1 KB 63ms
29ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:15:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6304 140 KB
44 KB 98ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 17:17:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 6304 17 KB
8 KB 75ms
24ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:15:30 GMT

GET
H2 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 6304 33 KB
14 KB 77ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 03:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 03:35:03 GMT

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
133 B 48ms
47ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgrainwiz.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22grainwiz%22%2C%22widget_data_source%22%3A%22profile%3AGrainwiz%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1660324652252%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=76efe5ebaceb5d76424398f216b7db0713ffbe80

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 8
date: Fri, 12 Aug 2022 17:17:31 GMT
last-modified: Fri, 12 Aug 2022 17:17:32 GMT
server: tsa_b
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: 997a5f2f24c895b7d50c630311d736afbc0278bfde4256903a8c9225d068322a
strict-transport-security: max-age=631138519
content-length: 43

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
357 B 51ms
51ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fgrainwiz.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22grainwiz%22%2C%22widget_data_source%22%3A%22profile%3AGrainwiz%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1660324652253%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22b7df0f50e1ec1%3A1659558317797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=76efe5ebaceb5d76424398f216b7db0713ffbe80

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 11
pragma: no-cache
last-modified: Fri, 12 Aug 2022 17:17:32 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 997a5f2f24c895b7d50c630311d736afbc0278bfde4256903a8c9225d068322a
x-transaction: e375c8b069a2827b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6304 0
0 48ms
47ms Fetch
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYhqbK4v2YtudI-Sq0_wPquGH4AG_9d_uas_23NnQENzZHhABIPzPph5g_eiigfADoAH55Y6KA8gBCakCF4FfzbBCsT6oAwHIA8sEqgTMAU_QaBNoadvGwK18Nlxww3sbQSxlWT2ph34j1hzdHKPBHRJjZ1Ke8609XUd3UOeW1vsgSBRF_uCINS-3QQK6VmDpXgJReBrbAhFPrr7vPHitDAW478aH2DOlzZv4JMOa12RoyVHFMG7NrRmab7kTvqoVa6LX08IGVisbkdTTh6VvDe4dOPbIG0mpzq7c_njPQzda3oNphmjyYG7WYMFjjl7P5Uy4AsZzIfmC6OWL340oODx7yBEH2xAnDdZLmy2kuZdE53JoODLFDwd_fMAElpaYk_sDkgUECAQYAZIFBAgFGASgBi6AB--Z8XWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC-4ATSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E-QD2BMNiBQC0BUBgBcBshccChoIABIUcHViLTMyODk3NzI5MDk0Njk5MDMYAA&sigh=6daGYyosPds&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=280&slotname=1627126101&adk=2258360673&adf=2733775641&pi=t.ma~as.1627126101&w=640&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=640x280&url=https%3A%2F%2Fgrainwiz.com%2F&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651167&bpp=4&bdt=871&idt=360&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=320&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P5gADkDtlp&p=https%3A//grainwiz.com&dtd=367
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Aug 2022 17:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8549374010156039774/ Frame 6304 2 KB
3 KB 33ms
32ms Image
image/png 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8549374010156039774/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9416aca672bff227bcbbbcda358a781cf9f9cdb26bd8055f5ed99e3dd2f03b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:27:16 GMT
x-content-type-options: nosniff
age: 265816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2495
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 09:40:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 15:27:16 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8893343622847523987/ Frame 6304 30 KB
31 KB 35ms
34ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8893343622847523987/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5fbe25e6a063573c28374980b46cdd080eb292f88ca23d8c53d0d1d90907530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:46:10 GMT
x-content-type-options: nosniff
age: 264682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31193
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:18:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Aug 2023 15:46:10 GMT

GET
DATA 200
OK truncated
/ Frame 6304 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg
ton.twimg.com/tfw/assets/ Frame D5CE 829 B
553 B 20ms
19ms Image
image/svg+xml 2606:2800:21f:c0ec:d236:5e26:ab36:2d30
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/assets/news_stroke_v1_78ce5b21fb24a7c7e528d22fc25bd9f9df7f24e2.svg

Requested by

Host: ton.twimg.com
URL: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:21f:c0ec:d236:5e26:ab36:2d30 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nyb/46CC) /

Resource Hash

5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218727
x-ton-expected-size: 829
x-cache: HIT
vary: Accept-Encoding
content-length: 395
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (nyb/46CC)
etag: "CTUg6L9PuY+d9h5xpE0zmw=="
strict-transport-security: max-age=631138519
content-type: image/svg+xml
access-control-allow-origin: *
x-connection-hash: 19fdd92b0331b7f7f65e3ba926bae64ca810d8d86e1a57dd10e43ba6de111d52
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 19 Aug 2022 17:17:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A3F8 624 B
297 B 37ms
37ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7Ch4kCENOW5ZMCGNyJ7L0BMAE&v=APEucNWZk5Cpp_Gkhm4pX2StQiacdTYBzTmuwCKZX1pIp6xe-sNlcZoK-Yxbl7qX6E8Lknb29zg1o1l9qwmHM0Mh0U8DN7tRbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 17:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4A86 94 KB
36 KB 80ms
80ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dqlq44ntRR10zdFXW-AxljtyJZJvEtDjUVkd7jrDpOJMVJG_UqZUbtNvCUW0sei6T4Q1jgrCDbkBRzYmsff-uzzmgNzOj3HEOvYaFzRHJv2kLwStqSqZUBO71Oc55Ko8WL2F3Dilz1ZnOiSUOKsxipTYxbug&dbm_d=AKAmf-BiwfIkQo9lYwvNPhSoj76YCmB9_NQRqM-AK6ZowL2bTu5JP8Cc-b8cFtfsS6_PR1MZcz_yEuM_va5guwGVhHNo4rQgCVBtDaRua2aruU-GYVuS0q6UhGsryyg5FAOQBdLFKXrSNFTd61iaNXP98Nutnm3qj4pfOH8JNfHDMbQGVq3IjcLsy0h6dvJVzygYkPAgHYighj7c-_5PvZrjHs49xx2AnfvXxKAIeuNdX9I6zAOwIoYr6Lq2wx8LoA9wA4szc4-MxM4uQJCWmlqhrwkQr7knzL4dikRxZgRsa9zpevUfS9c_mWXztdv9jO9uDZHjT-MN_wHG4X0aJbAqjdAliH_gDXKdzVlSXlhpmfWMUPZk_-VJkzWixxsEDnRi99UCqj57u7-zyir_xsIee9VKX7PR0VGJkotWJamyDdKT4Os54aSH8zBVTxdgtGZnOfYRvkrt9pWGlngaReEng0zAdJxz1KUptCEcyoGcfm6dZfN48ynzmwKXHQh6doet56wWJEYACSOakDUTcmQ5bkQIh11mFlOwgZAAu9qAGcUK-S9AnN-asVwbr1Zi9bBHEcdqkt3QZNLBX4w2pzXPkxjGOCHZzbvaBdUrpEMqLR8qKLt50J0h7c2rYxw4KXUx86wMSe9ObfCmVdmC_bN6uJS7OTiTOByZxfwkMlXZROPb12W8e_nQCr905PZtXxTT7KGXfVE4k63yb6KKo6LoYFSsmtd2XPfwhCMzwJta0CRWVhhfpsFe7NdWIo7eALmKPg3qOwv9SbYEV2bXwnkylxpG3CEdHokyQotjUrsDQ1wzrmgRRHK-ouKH-t4vMjOsCAq_fp2NCxr90AKElVgyV-f9U768ySM3OUUKPcb3BFfmUCGyVdGWkAK4DrZ8iAAieH-9meuvlI--maGiAj8JuCrq8E6W6Wb_ZsaeVXXzxktX-0NgeMMQrRVwU1DC76FeZSM4PZziCdouZh9nngbqED2c78IYBeNNBp97e-1F3J5bqwrXgX7NFvPcKKPYsWIOZ6zDR8a58m00XX2GvR2p8zAd-CKdVqvDkj9m7DhpHAXwnv3Ksh2PW0R5l2C2NCfo4bjdsr8WObYl56hggVLyvrTxOvPNBrAOsb0p7rb2_FuqK_8JLhmiJQtICOxOq7NMvbOupkXe7okJ1iDGBC2EDiSGcNl8vIdRnDiXc1zdMPUN3O5Qi1d9wRjA5pof5jYfknc08l658xEIXYlrSDU5NjhFGhyQUaPlzaByyVyIbn3r4yshkpNNl1rLAtsMkM1rSd4aU-OKu4NQJKY4jx8VYIdtSwcaNTKZiADp5Hr2L7HX30ne-NKuFsRa4bL9OylenXOG-D4RExD_OYUefnHFuJAY-bXfsNbw6-FAzItOVUAXyrt0_34h5BgEuH2irjLyhQh4tkqCXaFCV6Iaq9FV97BLFHpSTcWFrgcALLUVfMs0Y3Kae0ezvlf0cId74J0jsNEjjUMtNWjHCwIASHbk__lZdbuzXxg6JXcjAKHjUitFqgQ3y2iU30Su0O7vySlm6TLojxHsgrzhiCjxGfYiNdAUaZnljZbiUIqnHxQt_aSB8UC_-AD9fbGlH9ePINdMV_qa_stUvw9elT8TF56bAGGjGBTAcq8HsDlBo_VnMm7aJVgXmU4qQAEE6kj7-UxFDxmMzY3XWGVLmyj83gw3jFFDHV8NR45PvzwzcT0rdsconY7y3LiWgKt6oHA8HuWPGuKG2Dr8vFbgcS7Wh3qyB945OeKCvWtrNfRg6c1iafjmQmPIMO9ybMHo1NJBaZdNKP-a_GXUO7cGVPIc_OMm8cdNtCR5S4LVie1J78NjRfK6sYT3ialY_z2DEDgLT0eGS99fEKx3NXP0hYsiT1MahtJ9KvMWZM4BbyHklqpSOPqVsQMtt11JWrCxpMS7OQaG4YAYsDD03eqHMMUduBJyH7AvFkynXw8uruvaX7cOJ5PUdEcSQYhb8-xE1_1HKuVmo5VLJG802hZQj5IqM9-nA0ID-6Mc4kdFwmi229CAwLOgxTHGXeBErnP1IaoMc8Dwf-XMRaofshInHlugD0u7lHRj9iJLKgcvCQALxStqGGlXU6W6AJBhwINOX8VaOUEF9fIqnCVNv_GdJRvVbgm0rP_8GiGf-c1tIxP_zFjZ6owPj6VqxrLjLkGDlA1HEN85A97Q-MIuEglTPkrFLfjRXqRowCmbhHB3rytlgv9AMYFIOikETY5fxeenf0KKbmGJdTYb0y1b1ObKQDcF9hJENI_Tw73C-C1DnyKJkXgtdP-WoMeFs1q4--P9RPelJWRrHoXVtcwz86Mww-SND8OF_NvgH-mHh3vS7WfIEouy6OWBKfXb9GiL7yK3-kgcrIEeoahyIxBzhAb_SuzeF7A9JsKvM-Ttyl-7vJOGzKG3eT4pmTFaJGjlLHLLul6k68aEhfJ1JYtf3F-EhAfRLAgFTUHOfnsVr5ud4Ah1f9AIsVVd7SkdGCgEEcoV5B76bs-Od_-rfGbAvHsWtc3XcUdqK27Neychs5B6P2F--5G7h1Pf_RLXduw50Kbif3wZL9MgK0S0o_3--XzSLvAyX9jQoRx_8lJgfzOGv4oYTr5bZNNp3dK46eFDtRJsIVKeCNIaH7h9GY8oHuXdmdR9doZYHlIRDWTG50tay7t0e0j7pXNGlfYNkaw5OrVjmbisG2oehgI1sIBxUOpYxhle2qBebdPUkUB-6Mnmf7s8MrLshnHXrbS1CxPTv70PGeF-Ds2im8WoEUnQc_Nl0jZdsWaDs1abRZxfDTbrPcJ_MPmkPn6Fii8CyVD-Cu81FNkVJEnB3P1F6TpqdpfQBY5zDp1acx_pXLMQ-2rQx-Rt4UicG5Qv2IZNFpzf3S_X6TDi2egzZ20Fg_xt2IOnPB5AF1Hs8KwPXnjfbtC0ouxmMMZDLgcZNyFDKcG4a41cfdCIggPzEaU4-W_3_HIS6GpWNNE2XnjoiNZ-57YWv21AtBkwIrvk-7iTQzMMeT5E3XI8Hjfx3ojdMlZnYp_Em82bz3_hM1vW8lvkPvPqJWx-7rlRpF7osG_B6nTnHknI4-aNPvticwsjtLg7&cid=CAASEuRoMlv6hbq53ycHo88_4yTSFQ&rfl=2%2Chttps%253A%252F%252Fgrainwiz.com%252F%240

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53092950ee00c5ff4eb5cae55f8000f87f739a42d7a16cde787b6a3eb211c42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36853
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 4A86 3 KB
1 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A86 140 KB
43 KB 120ms
74ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 17:17:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 4A86 17 KB
7 KB 75ms
25ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:15:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4A86 0
0 91ms
37ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4OXDI71v171r6HQe5Wvg71ABxfEOreY2I4mCq2gNEH-eBEPLgNzJzqbc-pIU0N4AxvihVTKmo3wXb3HZv8z1uvEiXPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A86 42 B
63 B 81ms
80ms Image
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFx9xZzsz0i0_yC5Ecr8r2mTey7JN0pa69oh62ZfuwktSCs5pEmXUOlc7BZ5oQUtji5oskLVtiAbcmlVO1z5KKl6nVi-Tx1maQhoVs2YKhGa5gY6I

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A86 0
20 B 81ms
80ms Ping
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20220810&sample=0.01

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6304 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45c5b0e8fe11adb61bdbcbfc17ed633c37dc9d58c0a90148e1e06f2209b8c141

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A3F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1

43 B
906 B

52ms
51ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7Ch4kCENOW5ZMCGNyJ7L0BMAE&v=APEucNWZk5Cpp_Gkhm4pX2StQiacdTYBzTmuwCKZX1pIp6xe-sNlcZoK-Yxbl7qX6E8Lknb29zg1o1l9qwmHM0Mh0U8DN7tRbA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 739add765bce542b-YYZ
pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btljDrKAnebAhj3Vsl1n8XiOJwbbg9mg2zBBBjgOMaVMtqJRwwZJZrzSILNaWzJfDv2zsv1xFtxJn8RbTGjNps0KNO9TXp3wPbDtmQF%2Bncjd50lmx8u1ZHd%2FEj5U4auM0E4Jh2ag%2BpEJUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A3F8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvaLLCr3fU3VfkOuKxb2DQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1

43 B
907 B

49ms
49ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7Ch4kCENOW5ZMCGNyJ7L0BMAE&v=APEucNWZk5Cpp_Gkhm4pX2StQiacdTYBzTmuwCKZX1pIp6xe-sNlcZoK-Yxbl7qX6E8Lknb29zg1o1l9qwmHM0Mh0U8DN7tRbA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 739add76dcd1542b-YYZ
pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1UvdfrrOBaB6yapier14jx8tTc%2FGfpZJSXfoQJAaJ%2FXnJgOm5Sn6YosClO8Vb0Kd78dbOseJSYuAE%2FDbteQ1XXlxqwFo5cjV8aw2Ok%2Bjh0qMSeU3XHBekUyPiXwu0ugxzWe4Yc9PnCiuw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK6G4Pe0sttpnDdKvaI08bg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A3F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBO7NaI3iK5pzYM71YTrOpI&google_cver=1

43 B
1 KB

22ms
22ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBO7NaI3iK5pzYM71YTrOpI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7Ch4kCENOW5ZMCGNyJ7L0BMAE&v=APEucNWZk5Cpp_Gkhm4pX2StQiacdTYBzTmuwCKZX1pIp6xe-sNlcZoK-Yxbl7qX6E8Lknb29zg1o1l9qwmHM0Mh0U8DN7tRbA

Protocol

HTTP/1.1

Server

68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 17:17:32 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: ade3a83e-6ded-4e6a-87bd-347372552262
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBO7NaI3iK5pzYM71YTrOpI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3F8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDgzODg0MTI3NTAzNDU5Mw%3D%3D

170 B
188 B

39ms
37ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDgzODg0MTI3NTAzNDU5Mw%3D%3D

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Aug 2022 17:17:32 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: c1909ee8-88b6-436c-b6ed-abc788d024b0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0MDgzODg0MTI3NTAzNDU5Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6304 15 KB
16 KB 63ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 164735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 19:31:57 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/862982/60435755/ Frame 4A86 235 KB
70 KB 115ms
25ms Script
application/javascript 3.228.203.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/862982/60435755/skeleton.js?ias_dspID=3&ias_campId=1008192749&ias_pubId=&ias_chanId=1&ias_placementId=17655690690&bidurl=https://grainwiz.com/&ias_dealId=
Requested by: Host: grainwiz.com
URL: https://grainwiz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.203.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-203-55.compute-1.amazonaws.com
Software: /
Resource Hash: 45beefe915a5377fd4e5b77e0ed05fdcc682ac48c489791b01c190fc90e9615b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4A86 106 KB
38 KB 92ms
21ms Script
text/javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 14:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8899
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 14:49:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 4A86 8 KB
3 KB 25ms
21ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dqlq44ntRR10zdFXW-AxljtyJZJvEtDjUVkd7jrDpOJMVJG_UqZUbtNvCUW0sei6T4Q1jgrCDbkBRzYmsff-uzzmgNzOj3HEOvYaFzRHJv2kLwStqSqZUBO71Oc55Ko8WL2F3Dilz1ZnOiSUOKsxipTYxbug&dbm_d=AKAmf-BiwfIkQo9lYwvNPhSoj76YCmB9_NQRqM-AK6ZowL2bTu5JP8Cc-b8cFtfsS6_PR1MZcz_yEuM_va5guwGVhHNo4rQgCVBtDaRua2aruU-GYVuS0q6UhGsryyg5FAOQBdLFKXrSNFTd61iaNXP98Nutnm3qj4pfOH8JNfHDMbQGVq3IjcLsy0h6dvJVzygYkPAgHYighj7c-_5PvZrjHs49xx2AnfvXxKAIeuNdX9I6zAOwIoYr6Lq2wx8LoA9wA4szc4-MxM4uQJCWmlqhrwkQr7knzL4dikRxZgRsa9zpevUfS9c_mWXztdv9jO9uDZHjT-MN_wHG4X0aJbAqjdAliH_gDXKdzVlSXlhpmfWMUPZk_-VJkzWixxsEDnRi99UCqj57u7-zyir_xsIee9VKX7PR0VGJkotWJamyDdKT4Os54aSH8zBVTxdgtGZnOfYRvkrt9pWGlngaReEng0zAdJxz1KUptCEcyoGcfm6dZfN48ynzmwKXHQh6doet56wWJEYACSOakDUTcmQ5bkQIh11mFlOwgZAAu9qAGcUK-S9AnN-asVwbr1Zi9bBHEcdqkt3QZNLBX4w2pzXPkxjGOCHZzbvaBdUrpEMqLR8qKLt50J0h7c2rYxw4KXUx86wMSe9ObfCmVdmC_bN6uJS7OTiTOByZxfwkMlXZROPb12W8e_nQCr905PZtXxTT7KGXfVE4k63yb6KKo6LoYFSsmtd2XPfwhCMzwJta0CRWVhhfpsFe7NdWIo7eALmKPg3qOwv9SbYEV2bXwnkylxpG3CEdHokyQotjUrsDQ1wzrmgRRHK-ouKH-t4vMjOsCAq_fp2NCxr90AKElVgyV-f9U768ySM3OUUKPcb3BFfmUCGyVdGWkAK4DrZ8iAAieH-9meuvlI--maGiAj8JuCrq8E6W6Wb_ZsaeVXXzxktX-0NgeMMQrRVwU1DC76FeZSM4PZziCdouZh9nngbqED2c78IYBeNNBp97e-1F3J5bqwrXgX7NFvPcKKPYsWIOZ6zDR8a58m00XX2GvR2p8zAd-CKdVqvDkj9m7DhpHAXwnv3Ksh2PW0R5l2C2NCfo4bjdsr8WObYl56hggVLyvrTxOvPNBrAOsb0p7rb2_FuqK_8JLhmiJQtICOxOq7NMvbOupkXe7okJ1iDGBC2EDiSGcNl8vIdRnDiXc1zdMPUN3O5Qi1d9wRjA5pof5jYfknc08l658xEIXYlrSDU5NjhFGhyQUaPlzaByyVyIbn3r4yshkpNNl1rLAtsMkM1rSd4aU-OKu4NQJKY4jx8VYIdtSwcaNTKZiADp5Hr2L7HX30ne-NKuFsRa4bL9OylenXOG-D4RExD_OYUefnHFuJAY-bXfsNbw6-FAzItOVUAXyrt0_34h5BgEuH2irjLyhQh4tkqCXaFCV6Iaq9FV97BLFHpSTcWFrgcALLUVfMs0Y3Kae0ezvlf0cId74J0jsNEjjUMtNWjHCwIASHbk__lZdbuzXxg6JXcjAKHjUitFqgQ3y2iU30Su0O7vySlm6TLojxHsgrzhiCjxGfYiNdAUaZnljZbiUIqnHxQt_aSB8UC_-AD9fbGlH9ePINdMV_qa_stUvw9elT8TF56bAGGjGBTAcq8HsDlBo_VnMm7aJVgXmU4qQAEE6kj7-UxFDxmMzY3XWGVLmyj83gw3jFFDHV8NR45PvzwzcT0rdsconY7y3LiWgKt6oHA8HuWPGuKG2Dr8vFbgcS7Wh3qyB945OeKCvWtrNfRg6c1iafjmQmPIMO9ybMHo1NJBaZdNKP-a_GXUO7cGVPIc_OMm8cdNtCR5S4LVie1J78NjRfK6sYT3ialY_z2DEDgLT0eGS99fEKx3NXP0hYsiT1MahtJ9KvMWZM4BbyHklqpSOPqVsQMtt11JWrCxpMS7OQaG4YAYsDD03eqHMMUduBJyH7AvFkynXw8uruvaX7cOJ5PUdEcSQYhb8-xE1_1HKuVmo5VLJG802hZQj5IqM9-nA0ID-6Mc4kdFwmi229CAwLOgxTHGXeBErnP1IaoMc8Dwf-XMRaofshInHlugD0u7lHRj9iJLKgcvCQALxStqGGlXU6W6AJBhwINOX8VaOUEF9fIqnCVNv_GdJRvVbgm0rP_8GiGf-c1tIxP_zFjZ6owPj6VqxrLjLkGDlA1HEN85A97Q-MIuEglTPkrFLfjRXqRowCmbhHB3rytlgv9AMYFIOikETY5fxeenf0KKbmGJdTYb0y1b1ObKQDcF9hJENI_Tw73C-C1DnyKJkXgtdP-WoMeFs1q4--P9RPelJWRrHoXVtcwz86Mww-SND8OF_NvgH-mHh3vS7WfIEouy6OWBKfXb9GiL7yK3-kgcrIEeoahyIxBzhAb_SuzeF7A9JsKvM-Ttyl-7vJOGzKG3eT4pmTFaJGjlLHLLul6k68aEhfJ1JYtf3F-EhAfRLAgFTUHOfnsVr5ud4Ah1f9AIsVVd7SkdGCgEEcoV5B76bs-Od_-rfGbAvHsWtc3XcUdqK27Neychs5B6P2F--5G7h1Pf_RLXduw50Kbif3wZL9MgK0S0o_3--XzSLvAyX9jQoRx_8lJgfzOGv4oYTr5bZNNp3dK46eFDtRJsIVKeCNIaH7h9GY8oHuXdmdR9doZYHlIRDWTG50tay7t0e0j7pXNGlfYNkaw5OrVjmbisG2oehgI1sIBxUOpYxhle2qBebdPUkUB-6Mnmf7s8MrLshnHXrbS1CxPTv70PGeF-Ds2im8WoEUnQc_Nl0jZdsWaDs1abRZxfDTbrPcJ_MPmkPn6Fii8CyVD-Cu81FNkVJEnB3P1F6TpqdpfQBY5zDp1acx_pXLMQ-2rQx-Rt4UicG5Qv2IZNFpzf3S_X6TDi2egzZ20Fg_xt2IOnPB5AF1Hs8KwPXnjfbtC0ouxmMMZDLgcZNyFDKcG4a41cfdCIggPzEaU4-W_3_HIS6GpWNNE2XnjoiNZ-57YWv21AtBkwIrvk-7iTQzMMeT5E3XI8Hjfx3ojdMlZnYp_Em82bz3_hM1vW8lvkPvPqJWx-7rlRpF7osG_B6nTnHknI4-aNPvticwsjtLg7&cid=CAASEuRoMlv6hbq53ycHo88_4yTSFQ&rfl=2%2Chttps%253A%252F%252Fgrainwiz.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:13:18 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 4A86 30 KB
12 KB 26ms
19ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 17:09:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A86 41 KB
15 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 07:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 07:23:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AE34 1 KB
749 B 21ms
20ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 35634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 07:23:38 GMT
etag: 48472445140208031
expires: Sat, 13 Aug 2022 07:23:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4A86 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15e71d8748dec328c276fca8dd90ac8114462923c3246d48c172c4a9b7f1612

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7803 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:46:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 242F 22 KB
8 KB 21ms
20ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 210358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 06:51:34 GMT
expires: Thu, 10 Aug 2023 06:51:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame AE34 35 B
464 B 95ms
26ms Image
image/gif 2620:116:800b:21:f059:4f7e:28a9:1588
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMuY72EfFEb_qfs2x7nFj5Y&google_cver=1&google_push=AehlK4CEkKKKJRcg7zcW5fy3LKIOW0TdcEpr7XR3e5DutTtuSJ4ABGOjrpNO1b9JbNLCLrt0qTWtuXEyGXST5mCYE2E40J_2bzFOyMVoOnWs4QbVpQ4newic06qxkgydPsV7zfn0c4m_KnbfM5Lz-kVFYvE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE34
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOLetIjZHvje6glj2RJGRsg&google_push=AehlK4BU6wzlM51Y0rsw7nCPgbiBFUVhwjpUBrSP7NRWJKUBto84I4dYI0MPybaMaSW3-LFu3xkz0baWW_t5sCRemHX7S3r...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4BU6wzlM51Y0rsw7nCPgbiBFUVhwjpUBrSP7NRWJKUBto84I4dYI0MPybaMaSW3-LFu3xkz0baWW_t5sCRemHX7S3r_nFW75KKLWN6wjpMcKh9Lw57ynS7M7Idxm...

170 B
188 B

46ms
46ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4BU6wzlM51Y0rsw7nCPgbiBFUVhwjpUBrSP7NRWJKUBto84I4dYI0MPybaMaSW3-LFu3xkz0baWW_t5sCRemHX7S3r_nFW75KKLWN6wjpMcKh9Lw57ynS7M7IdxmDvjvd2ml20cKaofC2NCJTJ39jY&google_hm=MTA1OTcxMTA2NjQzMjU3MzEzMTM

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4BU6wzlM51Y0rsw7nCPgbiBFUVhwjpUBrSP7NRWJKUBto84I4dYI0MPybaMaSW3-LFu3xkz0baWW_t5sCRemHX7S3r_nFW75KKLWN6wjpMcKh9Lw57ynS7M7IdxmDvjvd2ml20cKaofC2NCJTJ39jY&google_hm=MTA1OTcxMTA2NjQzMjU3MzEzMTM
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE34
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELTuZvreh8yKFvjeEY9Mlgw&google_cver=1&google_push=AehlK4CwR-g8ZRa744WbgPP90ZLgbK4nukkYUbfYm0rYRRu6k-wN4AyXYn03y43Ci73YEbZhoBmUlFBxLaG6199srg33SBOiM_qVQ...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CwR-g8ZRa744WbgPP90ZLgbK4nukkYUbfYm0rYRRu6k-wN4AyXYn03y43Ci73YEbZhoBmUlFBxLaG6199srg33SBOiM_qVQRx8imeZhxxPZEbgQuVdsC50Rd9vSTgiIy...

170 B
188 B

42ms
42ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CwR-g8ZRa744WbgPP90ZLgbK4nukkYUbfYm0rYRRu6k-wN4AyXYn03y43Ci73YEbZhoBmUlFBxLaG6199srg33SBOiM_qVQRx8imeZhxxPZEbgQuVdsC50Rd9vSTgiIyRylfrqyqWIaK2QWptb9A&google_hm=ANoaTyZ7xIkmP3ClQxc0_Q==

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CwR-g8ZRa744WbgPP90ZLgbK4nukkYUbfYm0rYRRu6k-wN4AyXYn03y43Ci73YEbZhoBmUlFBxLaG6199srg33SBOiM_qVQRx8imeZhxxPZEbgQuVdsC50Rd9vSTgiIyRylfrqyqWIaK2QWptb9A&google_hm=ANoaTyZ7xIkmP3ClQxc0_Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: f2f8tvtf96baagdqki975ct8elfqmk7d

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE34
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RsI-YAoiTWO1o9XyfGeztQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
37ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RsI-YAoiTWO1o9XyfGeztQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Dg7zv_7MipJO7RINZFS9KtavDfLn46HZ8-LAv0ZRQrJ5lu-_JGZ-pVJMOEPYvj07R7dvUmWhuU2fyMoLQv88ZmGTyM_lJ5cRyvgattDMWTfRNaM6KPOYxTbs-1_zUez3kAW0Rd_LKOEYZ-9ZLjV2o

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RsI-YAoiTWO1o9XyfGeztQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Dg7zv_7MipJO7RINZFS9KtavDfLn46HZ8-LAv0ZRQrJ5lu-_JGZ-pVJMOEPYvj07R7dvUmWhuU2fyMoLQv88ZmGTyM_lJ5cRyvgattDMWTfRNaM6KPOYxTbs-1_zUez3kAW0Rd_LKOEYZ-9ZLjV2o
date: Fri, 12 Aug 2022 17:17:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE34
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECV7VaRjLnXKBWe-dfews28&google_cver=1&google_push=AehlK4AvymvwIg5y2-rIcxieWiJIY4M0E0_vhCu-_x3-z5XhrsvWnYEcUdHqP6tKXeIi0WH2rKm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRUUZHTjMtMUotNVA0RQ==&google_push=AehlK4AvymvwIg5y2-rIcxieWiJIY4M0E0_vhCu-_x3-z5XhrsvWnYEcUdHqP6tKXeIi0WH2rKmpUFnssRdopWfbcfnoLZQkOXOA-...

170 B
188 B

45ms
44ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRUUZHTjMtMUotNVA0RQ==&google_push=AehlK4AvymvwIg5y2-rIcxieWiJIY4M0E0_vhCu-_x3-z5XhrsvWnYEcUdHqP6tKXeIi0WH2rKmpUFnssRdopWfbcfnoLZQkOXOA-jXw6V5-1um3kmgi-KayqiGD0W3mh9a2AEEb-ejZFirfCPkyGl-emg

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZRUUZHTjMtMUotNVA0RQ==&google_push=AehlK4AvymvwIg5y2-rIcxieWiJIY4M0E0_vhCu-_x3-z5XhrsvWnYEcUdHqP6tKXeIi0WH2rKmpUFnssRdopWfbcfnoLZQkOXOA-jXw6V5-1um3kmgi-KayqiGD0W3mh9a2AEEb-ejZFirfCPkyGl-emg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE34
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAsQ8sE-MjBH_93OVef1Ehg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAsQ8sE-MjBH_93OVef1Ehg&google_hm=YvaLLCr3fU3VfkOuKxb2DQAAAI0AAAAB&google_nid=index&google_push=AehlK4AmroTVAuyK5DY5LeODb7WuOcJF4sFvb...

170 B
188 B

37ms
36ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAsQ8sE-MjBH_93OVef1Ehg&google_hm=YvaLLCr3fU3VfkOuKxb2DQAAAI0AAAAB&google_nid=index&google_push=AehlK4AmroTVAuyK5DY5LeODb7WuOcJF4sFvbMRxnK7cecJtBXy9TQxvlsq1TYPAYI4qa1zcfjecN2BgPI9jSLPVbnKj5y7ZnMdGRxge6kUu6Tv6vgFdnhA-isl1XWFCJVpp0JWgnXJmG8l5f6h9gJRw3GU

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7jFPGH8UpCQp9OU3c0lABqmT%2FyBWtwwg9sTJDRebwNRo1OiR2ppLNen13EOYkVwWHQWAyJ0gNU0PTe2RV0Mgga%2BzSjWH54FAxfxdFfdcz0WBdbPNX0JyrnSbfFTl9sspMa216ljUApyrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAsQ8sE-MjBH_93OVef1Ehg&google_hm=YvaLLCr3fU3VfkOuKxb2DQAAAI0AAAAB&google_nid=index&google_push=AehlK4AmroTVAuyK5DY5LeODb7WuOcJF4sFvbMRxnK7cecJtBXy9TQxvlsq1TYPAYI4qa1zcfjecN2BgPI9jSLPVbnKj5y7ZnMdGRxge6kUu6Tv6vgFdnhA-isl1XWFCJVpp0JWgnXJmG8l5f6h9gJRw3GU
cache-control: no-cache
cf-ray: 739add774d6a53dd-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE34
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEOF0YpShe-JLxtKSRfEYaM8&google_cver=1&google_push=AehlK4ComzSv4Z-_6Huo9-OiUz-uv5mE6VI4FB9BKQcycHRd69keB4Av1-62YZOB4661WjjZQAJNbWHyXjPPuXFpdu5jwCZQjitVA...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4ComzSv4Z-_6Huo9-OiUz-uv5mE6VI4FB9BKQcycHRd69keB4Av1-62YZOB4661WjjZQAJNbWHyXjPPuXFpdu5jwCZQjitVAB7ntzoaGItK9_qKAF9H4WMz6C-zWb...

170 B
188 B

45ms
44ms

Image
image/png

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4ComzSv4Z-_6Huo9-OiUz-uv5mE6VI4FB9BKQcycHRd69keB4Av1-62YZOB4661WjjZQAJNbWHyXjPPuXFpdu5jwCZQjitVAB7ntzoaGItK9_qKAF9H4WMz6C-zWb9lzYGupMNVh90V685b46ac8w&google_hm=6fcb77c2f4e5baccf6b68df624a773c9

Requested by

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4ComzSv4Z-_6Huo9-OiUz-uv5mE6VI4FB9BKQcycHRd69keB4Av1-62YZOB4661WjjZQAJNbWHyXjPPuXFpdu5jwCZQjitVAB7ntzoaGItK9_qKAF9H4WMz6C-zWb9lzYGupMNVh90V685b46ac8w&google_hm=6fcb77c2f4e5baccf6b68df624a773c9
date: Fri, 12 Aug 2022 17:17:32 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AE34 0
12 B 36ms
33ms Image
text/html 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyotXoSHZAmckrZ0GsZd1B0gs6PMXkAtF_w7hSRw_W2a-9ktKxbgRTJEj74pMMQUSlK5Cj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Eclipse_Control_300x250_FR.html Show response
s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/ Frame 1FC9 6 KB
2 KB 64ms
21ms Document
text/html 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a521874465ed979a58c74aafffb053eadb31a28c217edcf00a1166b5ca2d2db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 183793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2124
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 14:14:19 GMT
expires: Thu, 10 Aug 2023 14:14:19 GMT
last-modified: Tue, 26 Jul 2022 20:42:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A86 0
622 B 107ms
43ms Ping
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuodQ3zA4FExTCIJWHRc2HVg8vK-QXQLOTdo6yTM0GvezBoColp63eCn84s_DDkyGZTZXE9LLXIl4TlolPUwH_4q6xn20IkptnzWo08AjH-9Iy556LEy9ZS6aHaRcg3b4pSAyIJeVGqF8-5WMM0dEuZVEBdJ7NlZ5yaQ__gbIiBTqDqcATvfbo1-VYfrXHZXmVlSUkvpFIsU3jK1sJvCQzCe5v3M2OuKX7v98YcuV93W4rhaERgM9QIYgGgMsMZ-RKL29HBCmXv88mEUwmnC-b4Ct4nWsQI8HUQh24y6jTlhgS-ShXeMDdEnRoJifHrzUig0JNf83Isnl_ico-Kud-RjvK4EBupBF6IIWl75habu5vUY-KUV0clJMGNmdHfQ4rK9CKU7B53T7XHE3Szf9K3XEpkOh7knJuoQNimQFFHB9YgZmikCGw1Un7WEtPAp-Ol7VVv9bPjbivqpuMIoCJU5OQmNtmFq1hhvC3Opgf91fvaxAmArMVR_tUw06YDMe27N2WWkssU5QmKM9U037CSrBdknS6U9_q_VstyRMGLfYXi5iiImacLGXTRnCOG0nmfMoinZcJdb-eM0KnTY3uUukMBliUuiu04ZEQdrh5PwfuwyAG_j1zuHJgGvFvVOTqtfAW_O8xBSRZQTwCr8N0ZJxhFBrdUN3bpuNtSHLzJOydos11b-t-McNqmRzdYXpJCg6l-zCStEAPcec5BWocc3LyzVWCqZyf6LK3r2edr8JZybbdgxsxWEJCuJMhEM3pY4b7Ao4MY-c3OlBiMDgpj8pQrCAt6mh-AN9xP_erF1Kj94_gzjCZ2-xOjPQP6njfXcds4s77EN2x48ATS1vPJQnZ3mM5Aq1Tw8E0ax91R3eoh9Yj-e6Ud0Gti_OKQZTGdV3HBqOKMiviBSvanwZpqt_4yYMSZ80i5XssERfQ30nryydTOFv3p2SbG2ejIFTTZb09oiJohPlQcsQgAsFtqW7fGfbsxXIAVPdRt-svs6emYA1tH8yqtFfz8nrGuv52iZVBxPAO15P4996vm_ejltjHZaIFIEdV72nzTtpSqM7-8heLlKRfqe4cERB5wor6pS8rYM1iu4vvBNcbycz4oPmIKPyiGYn4MPKalobDiGgjZX-RJbBKh9EpfGEitJdxRTsnDF58nx4j9daQC9T-Ccd5EeBkooLCe9qDiz2mslf3B_sSBvyq5HOUavOMi0eYRN3tgbxf8&sai=AMfl-YTTbqQ_xRXqWJ3_eT9hIuitEfitKAkxEoakVIFrSWUCHm2ld2mwX_1gizuIb2lx0blPHtbqw6P2K4x0i7fSzzjQ-cDfKKK4IZtnCshkemkPPzeAcJC5ldLFRlTR_jVOGbdbFGdw9bZZe2Tr8eUYCGfA59vPVA&sig=Cg0ArKJSzKPydnWDowaUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=133&cbvp=1&cstd=129&cisv=r20220810.26554&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 12 Aug 2022 17:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 4A86
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/862982/60435755/4.js?ias_dspID=3&ias_campId=1008192749&ias_pubId=&ias_chanId=1&ias_placementId=17655690690&bidurl=https://grainwiz.com/&ias_dealId=&adContainer...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

55ms
24ms

Script
application/javascript

2600:9000:20ed:c600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Protocol: H2
Server: 2600:9000:20ed:c600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 18:33:36 GMT
content-encoding: gzip
age: 168237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 10 Aug 2022 18:33:31 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via: 1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: PHL50-C1
content-type: application/javascript
x-amz-cf-id: DgoN0aOTkXSj33jFPz975o-GAOvEOusHmEpnw22t5uzjrq1PgX64iA==

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
x-server-name: app17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 0D92 80 KB
21 KB 100ms
22ms Script
application/javascript 2600:9000:20ed:c600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:c600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 06:50:21 GMT
content-encoding: gzip
age: 5048832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: PHL50-C1
content-type: application/javascript
x-amz-cf-id: HZ9YSb47lo9gsPvLrkaMTvq6Bj3lOTJ5H2JSAI-2B0Gs9rMH5ScImg==

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1FC9 236 KB
63 KB 84ms
27ms Script
text/javascript 2600:141b:13::17d7:8293
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:141b:13::17d7:8293 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:32 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Fri, 12 Aug 2022 17:32:32 GMT

GET
H3 200 Eclipse_Control_300x250_FR.js Show response
s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/ Frame 1FC9 188 KB
25 KB 20ms
20ms Script
application/x-javascript 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

299a44f64ae071f6f4ebd2ceb47d7e0670da1a9f7ceeed0bfd41481aa54adc41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25260
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 20:42:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:14:19 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
215 B 91ms
25ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68pGG,pingTime:-3,time:83,type:v,im:%7BpBlk:58%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
216 B 82ms
24ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68pGL,pingTime:-6,time:88,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:grainwiz.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
215 B 74ms
26ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68pH1,pingTime:-2,time:104,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:403,beZ:405,mfA:407,cmA:409,inA:409,inZ:414,prA:414,prZ:422,si:430,poA:431,bl:462,poZ:462,cmZ:462,mfZ:462,loA:491,loZ:499,ltA:508,ltZ:508%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:76,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3289772909469903&output=html&h=250&slotname=2523670142&adk=2105413356&adf=3532071676&pi=t.ma~as.2523670142&w=320&fwrn=4&fwrnh=100&lmt=1660324651&rafmt=1&psa=0&format=320x250&url=https%3A%2F%2Fgrainwiz.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660324651172&bpp=1&bdt=875&idt=378&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C640x280&nras=1&correlator=4676881738418&frm=20&pv=1&ga_vid=77948574.1660324651&ga_sid=1660324651&ga_hid=254027359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=960&ady=1049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068486&oid=2&pvsid=1553051046220710&tmod=1107984646&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DQO5nyIowM&p=https%3A//grainwiz.com&dtd=387
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:32 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 242F 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:46:06 GMT

GET
H3 200 Frame1.jpg
s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/images/ Frame 1FC9 76 KB
76 KB 21ms
20ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/images/Frame1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9130348db7170132f6bfb519a4c8f4642ad71b5932fce17a2eec33d16946003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:14:19 GMT
x-content-type-options: nosniff
age: 183793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77746
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 20:42:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:14:19 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A86 0
26 B 80ms
37ms Ping
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuodQ3zA4FExTCIJWHRc2HVg8vK-QXQLOTdo6yTM0GvezBoColp63eCn84s_DDkyGZTZXE9LLXIl4TlolPUwH_4q6xn20IkptnzWo08AjH-9Iy556LEy9ZS6aHaRcg3b4pSAyIJeVGqF8-5WMM0dEuZVEBdJ7NlZ5yaQ__gbIiBTqDqcATvfbo1-VYfrXHZXmVlSUkvpFIsU3jK1sJvCQzCe5v3M2OuKX7v98YcuV93W4rhaERgM9QIYgGgMsMZ-RKL29HBCmXv88mEUwmnC-b4Ct4nWsQI8HUQh24y6jTlhgS-ShXeMDdEnRoJifHrzUig0JNf83Isnl_ico-Kud-RjvK4EBupBF6IIWl75habu5vUY-KUV0clJMGNmdHfQ4rK9CKU7B53T7XHE3Szf9K3XEpkOh7knJuoQNimQFFHB9YgZmikCGw1Un7WEtPAp-Ol7VVv9bPjbivqpuMIoCJU5OQmNtmFq1hhvC3Opgf91fvaxAmArMVR_tUw06YDMe27N2WWkssU5QmKM9U037CSrBdknS6U9_q_VstyRMGLfYXi5iiImacLGXTRnCOG0nmfMoinZcJdb-eM0KnTY3uUukMBliUuiu04ZEQdrh5PwfuwyAG_j1zuHJgGvFvVOTqtfAW_O8xBSRZQTwCr8N0ZJxhFBrdUN3bpuNtSHLzJOydos11b-t-McNqmRzdYXpJCg6l-zCStEAPcec5BWocc3LyzVWCqZyf6LK3r2edr8JZybbdgxsxWEJCuJMhEM3pY4b7Ao4MY-c3OlBiMDgpj8pQrCAt6mh-AN9xP_erF1Kj94_gzjCZ2-xOjPQP6njfXcds4s77EN2x48ATS1vPJQnZ3mM5Aq1Tw8E0ax91R3eoh9Yj-e6Ud0Gti_OKQZTGdV3HBqOKMiviBSvanwZpqt_4yYMSZ80i5XssERfQ30nryydTOFv3p2SbG2ejIFTTZb09oiJohPlQcsQgAsFtqW7fGfbsxXIAVPdRt-svs6emYA1tH8yqtFfz8nrGuv52iZVBxPAO15P4996vm_ejltjHZaIFIEdV72nzTtpSqM7-8heLlKRfqe4cERB5wor6pS8rYM1iu4vvBNcbycz4oPmIKPyiGYn4MPKalobDiGgjZX-RJbBKh9EpfGEitJdxRTsnDF58nx4j9daQC9T-Ccd5EeBkooLCe9qDiz2mslf3B_sSBvyq5HOUavOMi0eYRN3tgbxf8&sai=AMfl-YTTbqQ_xRXqWJ3_eT9hIuitEfitKAkxEoakVIFrSWUCHm2ld2mwX_1gizuIb2lx0blPHtbqw6P2K4x0i7fSzzjQ-cDfKKK4IZtnCshkemkPPzeAcJC5ldLFRlTR_jVOGbdbFGdw9bZZe2Tr8eUYCGfA59vPVA&sig=Cg0ArKJSzKPydnWDowaUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=478&vt=11&dtpt=345&dett=3&cstd=129&cisv=r20220810.26554&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grainwiz.com
URL: https://grainwiz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 17:17:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 84ms
44ms XHR
application/json 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed2c94e3e51550c045108a1a872fa70e568609b5b9875a597e80ab5a5ea00aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 17:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11126
x-xss-protection: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 69ms
68ms XHR
application/json 20.42.73.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

36b469cb33491ff164e64f4e999782b8a52c843e28ae01692e75b53571555233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://grainwiz.com/
accept-language: en-CA,en;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 5C7DE716-20C9-4793-A5E5-EE76EDA4F0C4
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 12 Aug 2022 17:17:32 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

GET
H3 200 Frame2.jpg
s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/images/ Frame 1FC9 76 KB
76 KB 21ms
20ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/images/Frame2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db7c520abf6a55c2a5872fdbb2720323e4fd68af6d16dc8f90f7cba2604855c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:14:19 GMT
x-content-type-options: nosniff
age: 183794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77504
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 20:42:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:14:19 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 228ms
27ms Preflight 20.42.73.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.73.140 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://grainwiz.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 12 Aug 2022 17:17:32 GMT
x-content-type-options: nosniff

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
215 B 24ms
24ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68pJU,time:283,type:e,im:%7BpWait:4,pci:%7Btdr:195%7D,pLoad:215%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:283,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B276~0%5D,as:%5B276~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:104,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:33 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Frame3.jpg
s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/images/ Frame 1FC9 64 KB
64 KB 20ms
20ms Image
image/jpeg 2607:f8b0:4006:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/images/Frame3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2006 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccdf283e8b0db6c7f1ae42eda5ede517488b36faf4ff618e8ef6f995c889a4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12185317415200961583/Eclipse_Control_300x250_FR/Eclipse_Control_300x250_FR.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:14:19 GMT
x-content-type-options: nosniff
age: 183794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65827
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 20:42:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Aug 2023 14:14:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 17:17:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 242F 0
20 B 87ms
82ms Image
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnJHzLIv2YsmQGdiToPwP69OxyAcAAAAAOAHgBAI&bg=!sLOls_fNAAa4hXTbmIU7ACkAdvg8WqVjG--IJHo3Znp3gSX-bXidX6hBe6og0SS74u_M8Ry_UJS23gIAAACoUgAAAARoAQeZAyP00fKcd0NeNgFIk0Aij5gZmNGxmD856SMtAJliaTDo7ZnNusvlEDxf5zgyz68AXtnj-jSFNNb28gREyHVvEMx-N__oVxhm1ZIRcoRS1hLFxPQVfIvtGmd0t0V1bdyDKlPLnPHOEfamZ7mqgsj1-m4jh2-MFBWTh1VrC-mE3ASywkpm23uZFcixfwOHn_Re963250Y5aAM6NARPriGjp64SlZNXIAcsPV7MIV1M0n7BE1N9Oiq-3xH3WotofCOQACJGX26h8jUHr1O7HYespF-HVpZ-_-RqQtSJYaDhXCOOlgQAdUrWNFCHThBcmsMy4Fg1lymPUFZA4m-1o4__ABLYL_UY9vYZbFlfi4tqP1eg5MCojPgD_tgh6L43Oh4b7LVThuswgKePtIOd4xb4KxgrJpXjk0cC1VmTZOqC0XWYCMUx0L4fSzgTl3honuHP5Wuko3VMR2AgO8BwZDu952L36I29AOKLnsv-7gtqSr3w_NwtmiXxo7KoyGuHrC2U_e0tbJQjl1VyaoVvzrkpCytQEY6o33mHZu-iDp6_zpAzqMnRDvb2uY2Ddx4KJcD0O27S086M1-CJWkSUaegu1iwP3KW4V0snO-TNVUxLk4aUROWW82Madye5bFtsDUWLkRMitP9rC587lX_fgEke4W2ZkU94jTxvxITKUjZM7o4MXUu6DXztC91YpmnN2-cHHAdd3XHOik8r7WfmyAIZk48UAr9BtIG0uIisGKaCiteAct2euNPJ-4QyqREvpzD6e4oPv_KDMMhgM9sRzVOgPPm6IOJSJPwIUXzrc_mktYYlIw6YENCaRnKQvfR5qO8n8Zjdn71RXg1HETi2_NEl8tZOyIvPZkE5e3xxebnaNU_BkrM1BE2MSQ2_e7mgWO7oXXU7PEp6Pa0IlARaIi9bPT4rjGNv_XWEGjyvlMusQno_25cptJdWz3f01AmN48Hv6q_O5MP-trLfbqoQVLNGw8rvZz1fzp-pVhlDxor_jP1GaTtMV4-FiwcD3p8Ng3CZUonxfTL8C1c8CkW8mhxXV3r4-vUpixF3iXW7P-bjj2UA4SJjlw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4643 13 KB
5 KB 22ms
20ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 11495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 14:05:58 GMT
expires: Sat, 12 Aug 2023 14:05:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 71C5 783 B
535 B 89ms
47ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d1f5f851fe32daed8c6e0349e3db919345b30aaaabe50ccba6b112c2b524ab3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NYYC-oC-AADZSVAIr59qIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grainwiz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-NYYC-oC-AADZSVAIr59qIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 17:17:33 GMT
expires: Fri, 12 Aug 2022 17:17:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4643 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 07:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Aug 2023 07:46:06 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
215 B 25ms
24ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68pP0,pingTime:-10,time:599,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660324653373%7C%7Cf29ea22e34995a4d4652a65f03ae1c74%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C8acde841af32078c14bc9b31e91c0556%7C%7Ca00ab570c19e0cf53ab7b33a826af3e5%7C%7Ccb6179610d032e4af82fcec99dd524e7%7C%7C2b2e7e6d49a1ab6f9d7365b0fc89ff9d%7C%7Cba9f29918cd2feacb606b06946d4bf18%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:33 GMT
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 71C5 0
0 41ms
41ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=1553051046220710&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4643 0
10 B 22ms
22ms Image
text/plain 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DsZ6iA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 17:17:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A86 42 B
64 B 45ms
45ms Fetch
image/gif 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYYy3uy08wOTOOWcAYtlk9FHs-4BFFxb9U4eSYX2pO2rIKN9NPLrrkBznMZ19x87KpO2CnDedDUGdYvftBuJ-mILh4tsqUHUEXP81nitduu92jV3brTObIqH9NgWUP2tSUghXTcYB8ZQ&sai=AMfl-YSt8iMnigAtHMMNu9SjBGK3U_HAsCiKyhHBJdr1azuIcuPr9n8ctKt_gYVnlWfQqAs5cyPbwVGn_hPKXD30Gdh2bh-lbntZ0iY&sig=Cg0ArKJSzOyKFH_jykJ3EAE&cid=CAASEuRoMlv6hbq53ycHo88_4yTSFQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&vu=1&app=0&itpl=20&adk=2105413356&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660324652372&rpt=398&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=1553051046220710&bg=!WlmlWR3NAAa4hXTbmIU7ACkAdvg8WlSvfI3IDDrL3iT4dxpfTdH35uWb2KXRjqLgIkJd91DFQJBXhQIAAADgUgAAAAJoAQcKAHlCbBaPPyUCAn4CgX-x9aBn914WEbkvdjYZC235yU64FKp5hWtpEtUq9TqTYjBp_WolB62oL6-QBRbZif06d4QvN-NH0hOOE5hACwHqgmWykhhOrjG7sPKsj_Pt6dp82Vo1Wb5hW2Rn5uekpCtwjeZbdOcIFcbq3IJKmQLOHR-wE04OcwlOkHyTtNjdsAs5D38I9adPRsESDvpJv2_7CSScFeN9cXgk-FRKjgdIXU4DpqrmDhP-VGXyDCvi8By5p4xjIW7awgVJFszZU100lDki9lyrgYTpS4YbAzqYZk9aY_i10UA_BYKp-PtmxD0MemrDtgX7E9i50UIw4CLE-7xVWSIR0Hgeo2BTgaXKL-pVS1fMX60tcqIFNwQ4e4cm-EoFOKCxiMK7PprUvkuV9gpToJwzW3_SQI2g_yV6Ory59BleDYY06a84o6v6EJT96tWjk5IQIyjVHLtObRcK3F8Xt2RlAd0dEsADgmFKZ0faaq1tErTpyaxhmCy_ecAiIwFk6ePXVwJA3CalZ8YLyNN8eMVeEZKHUugcJhHGN3GJ0ENlJaZBSU9tuLVd63ZWQaALH17rxR3huyCqZDWZxxNwad1LHTBy7ztxDX2Sm_vKtjVt3VCo7kDNNna-5xrwJ76sJtP9SFzyHZul4jez9v-p9Igl5GnY5NnDESx9w7cfnUoG_C0XzG9fzB7YkZ3ZyQvme33pQS1vm2C4Ra8LubiNmuB-UfY-E83OHV4DYaIl5Vww1a-fj3EYwCEzvy7tpGDvy7bxe2netAqtWE6fx2Ia3VPukKdiT74WQV446iv3omLxReK76_5uFTLpyuXyPwmJfvtEiYQ9kFkBHA_1DBoY9L1eietzp_XqwNAadlsowlvMGD61vCACE9I3cM8NjYYTfBhE1JfzphLUf2SvIhmCdkid_m7da3IIzIkomSbtxTa5CMaZjJGljxHQOhgf8lQBMvUGL0JNj99KJH-scgpf58eNk9mGilP0VaXt3qBlDIippmBfEuo-n6kI8o7zbj8b9FnZPGYUtRNEsBBKFQP_IkGmf8w6i52rVckDa5n6G0IDj4GmmEkaruIrdQ75U-vy-TEdxKgrhGgz5ctUuI9penuqccjn8ogaNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 62
grainwiz.com/meteo/image/ 45 KB
45 KB 40ms
39ms Image
image/gif 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/meteo/image/62
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dfb793dcb72438d3a4e1baf1be086af8cc1d189a7f0b9f9188fb39a0858a752f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:34 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
content-length: 45745
expires: -1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
215 B 25ms
24ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68qdo,pingTime:1,time:2111,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D,%7Bpiv:60,vs:pp,r:,t:1110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1110,n:0,pp:1001,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1103~0,0~50%5D,as:%5B1103~300.250%5D%7D%7D,%7Bsl:pp,t:1110,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~50%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:38,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:34 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 63
grainwiz.com/meteo/image/ 41 KB
41 KB 40ms
39ms Image
image/gif 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/meteo/image/63
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02692f8b2c913e2d5075a3291a7ce21e84cc478fa24f6255e522d78ecc8aac79

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:35 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
content-length: 41761
expires: -1

GET
H2 200 64
grainwiz.com/meteo/image/ 48 KB
49 KB 40ms
40ms Image
image/gif 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/meteo/image/64
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 795553207ffb9eaffbfb1ae20a8267bdd4ada589bf3cc6f65d44fa02c85e2f47

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:37 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
content-length: 49650
expires: -1

GET
H2 200 65
grainwiz.com/meteo/image/ 51 KB
52 KB 41ms
40ms Image
image/gif 52.232.133.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grainwiz.com/meteo/image/65
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.232.133.169 Québec, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 980d4f5dd05ace6f4043f131099b5bd7a85294db635f96cf9ae4f4094e80952e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://grainwiz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:38 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
content-length: 52735
expires: -1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A86 43 B
215 B 24ms
24ms Image
image/gif 2600:1f18:1aca:4281:4f5b:6550:560a:4298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=862982&asId=fc04aa6e-6007-672f-b9f9-77c7c7ba5d77&tv=%7Bc:l68rfU,pingTime:5,time:6111,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:25%7D,%7Bpiv:60,vs:pp,r:,t:1110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1110,n:0,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1103~0,0~50%5D,as:%5B1103~300.250%5D%7D%7D,%7Bsl:pp,t:1110,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:60,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:28,fm:tejL2rt+11%7C12%7C131%7C14%7C15%7C16%7C171%7C181*.862982-60435755%7C1811%7C1812%7C1813%7C1814%7C19%7C1a,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:4f5b:6550:560a:4298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 17:17:38 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grainwiz.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: GnTEwwj53Dippx63ybAYC30PrYXfbbGFt78T4ai6CelJTDPNrMjJSXMmpiJmeRNZdmBAYq6SW7GwBpawTf55S90w35kyCYiQrDChbk-TVT01
.demdex.net/	1970-01-20 09:31:16	Name: demdex Value: 70142489505481542813619428153785939871
grainwiz.com/	1969-12-31 23:59:59	Name: AMCVS_1E24776A524450D90A490D44%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 13:57:40	Name: everest_g_v2 Value: g_surferid~YvaLKgAAAJ6mvgNz
.grainwiz.com/	1969-12-31 23:59:59	Name: SC_LINKS Value: %5B%5BB%5D%5D
.grainwiz.com/	1970-01-20 05:12:06	Name: nbcu_prepagename Value: no%20value
.grainwiz.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 09:31:16	Name: dpm Value: 70142489505481542813619428153785939871
grainwiz.com/	1970-01-20 14:48:04	Name: AMCV_1E24776A524450D90A490D44%40AdobeOrg Value: -1330315163%7CMCMID%7C75443738351864418054313978897078894203%7CMCAAMLH-1660929450%7C7%7CMCAAMB-1660929450%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1660331850s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19224
.grainwiz.com/	1970-01-20 14:48:04	Name: _ga Value: GA1.2.77948574.1660324651
.grainwiz.com/	1970-01-20 05:13:31	Name: _gid Value: GA1.2.619980555.1660324651
.grainwiz.com/	1970-01-20 05:12:04	Name: _gat Value: 1
.grainwiz.com/	1970-01-20 05:12:04	Name: _gat_legacyTracker Value: 1
grainwiz.com/	1970-01-20 13:57:40	Name: ai_user Value: 2V3oJ\|2022-08-12T17:17:31.428Z
grainwiz.com/	1970-01-20 05:12:06	Name: ai_session Value: E8WIz\|1660324651504.6\|1660324651504.6
.grainwiz.com/	1970-01-20 14:33:40	Name: __gads Value: ID=fe2cc66460365af2-224956aff9d40013:T=1660324651:RT=1660324651:S=ALNI_MYGdOusLcqsBOhbzpJrIndX9eKcvQ
.grainwiz.com/	1970-01-20 14:33:40	Name: __gpi Value: UID=000006f3682bb12d:T=1660324651:RT=1660324651:S=ALNI_Mb7DiTaQaBVGgLVFmQt0T1EPTgXCg
.media6degrees.com/	1970-01-20 09:31:16	Name: clid Value: 2rgiip701171cudwx74gsswb0000000168010x01801
.media6degrees.com/	1970-01-20 09:31:16	Name: acs Value: 012020k1rgiip7xzt10
.bing.com/	1970-01-20 14:33:40	Name: MUID Value: 1CD7CC1AC3E06B5B083FDDE4C2CA6A22
.c.bing.com/	1970-01-20 05:22:09	Name: MR Value: 0
.everesttech.net/	1970-01-20 05:56:43	Name: ev_sync_ax Value: 20220812
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YvaLKwAAAV4h-Aeq
.eyeota.net/	1970-01-20 13:57:40	Name: mako_uid Value: 182930fa32d-58f30000010a5615
.eyeota.net/	1970-01-20 05:12:05	Name: SERVERID Value: 22037~DM
.scorecardresearch.com/	1970-01-20 14:48:04	Name: UID Value: 160f9e52adf615b8b5cc6471660324651
.krxd.net/	1970-01-20 09:31:16	Name: _kuid_ Value: PA5hobrV
.crwdcntrl.net/	1970-01-20 11:40:51	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 11:40:51	Name: _cc_id Value: 1395a95d691ba4c567173bd212527946
.addthis.com/	1970-01-20 14:42:19	Name: uvc Value: 1%7C32
.casalemedia.com/	1970-01-20 13:57:40	Name: CMID Value: YvaLLCr3fU3VfkOuKxb2DQAA
.casalemedia.com/	1970-01-20 07:21:40	Name: CMPS Value: 141
.casalemedia.com/	1970-01-20 07:21:40	Name: CMPRO Value: 141
.adnxs.com/	1970-01-20 07:21:40	Name: uuid2 Value: 3940838841275034593
.demdex.net/	1970-01-20 09:31:16	Name: dextp Value: 771-1-1660324651454\|992-1-1660324651527\|1083-1-1660324651566\|1085-1-1660324651569\|1086-1-1660324651583\|1087-1-1660324651599\|1088-1-1660324651614\|1957-1-1660324651629\|19913-1-1660324651649\|30064-1-1660324651667\|575-1-1660324651700\|73426-1-1660324651704\|66757-1-1660324651719\|121998-1-1660324651738\|144230-1-1660324651757\|144231-1-1660324651782\|144232-1-1660324651795\|144233-1-1660324651935\|144234-1-1660324651955\|144235-1-1660324651972\|144236-1-1660324651986\|144237-1-1660324652004\|275754-1-1660324652039
.rubiconproject.com/	1970-01-20 13:57:40	Name: khaos Value: L6QQFGN3-1J-5P4E
.rubiconproject.com/	1970-01-20 13:57:40	Name: audit Value: 1\|sZq/kHojJxmWvT88kNklYax8TdigFy9yJtV6/eGunPoeECEUBMheii1ard7uV6tE9gVqmoTLTTUwHTRO1/p4iM1d+xr7gW6vRTjahTvbHTFaBDuoQ3pCI+q5LSuyizONsj+PkdQgykOtAOTmjEas6/WQzJBJR0DUpRuCy0WrP/0=
.openx.net/	1970-01-20 13:57:40	Name: i Value: 0c20af2a-267a-4250-9a9d-f4faf4293dba\|1660324652
.pubmatic.com/	1970-01-20 07:21:40	Name: KRTBCOOKIE_218 Value: 4056-YvaLKgAAAJ6mvgNz&KRTB&22978-YvaLKgAAAJ6mvgNz&KRTB&23194-YvaLKgAAAJ6mvgNz&KRTB&23209-YvaLKgAAAJ6mvgNz
.pubmatic.com/	1970-01-20 05:55:16	Name: PugT Value: 1660324652
.bidr.io/	1970-01-20 14:40:38	Name: bito Value: AADg3E7F7RYAABBvZGHIRA
.bidr.io/	1970-01-20 14:40:38	Name: bitoIsSecure Value: ok
.spotxchange.com/	1970-01-20 05:52:23	Name: audience Value: a6958b39-1a62-11ed-9bd1-183ad5690403
.addthis.com/	1970-01-20 14:33:40	Name: ouid Value: 62f68b2c0001823bbaa74d1db33fe104e9861be56ef790092eb0
.addthis.com/	1970-01-20 14:33:40	Name: di2 Value: aVSs\|#%!k#$M`#!AgP2TIPv7LW6Lj6Hq#1:R#19w
.addthis.com/	1970-01-20 14:33:40	Name: um Value: j.'2022081217173221000404575045'
.addthis.com/	1970-01-20 14:33:40	Name: uid Value: 62f68b2c9ce47258
.addthis.com/	1970-01-20 14:33:40	Name: na_id Value: 2022081217173221000404575045
.addthis.com/	1970-01-20 14:33:40	Name: vc Value: 2
.doubleclick.net/	1970-01-20 14:48:04	Name: IDE Value: AHWqTUn3ITLII3oRXsxOYvFzg4IQ2Vyy4QwIpE45V0i0LzF38tuvTwgS3Jh5ElsZSRc
.addthis.com/	1970-01-20 14:42:19	Name: loc Value: MDAwMDBOQUNBUUMyMjU1MTA2NDQ2MjAwMDBDSA==
.adnxs.com/	1970-01-20 07:21:40	Name: anj Value: dTM7k!M40]EVNsVF']wIg2E>3h)N$g!]tbPl1MwL(!R7qUY$*fY8xR3YWJXRAe1FVCc<IvFy)yK<QJ:aIPcP(?[])gK)#4>Js1Oh=Gy)itNW?#Q^(ggR!v3.3G]]t'>K!#0y=/d!!)Uc./l4#
.mookie1.com/	1970-01-20 14:40:52	Name: id Value: 10597110664325731313
.mookie1.com/	1970-01-20 14:40:52	Name: mdata Value: 1\|10597110664325731313\|1660324652677
.mookie1.com/	1970-01-20 14:40:52	Name: ov Value: 3a25530ddddfea900b25b20f7add4b2b
.adingo.jp/	1970-01-20 05:55:16	Name: ID Value: 6fcb77c2f4e5baccf6b68df624a773c9
.pubmatic.com/	1970-01-20 07:21:40	Name: KADUSERCOOKIE Value: 46C23E60-0A22-4D63-B5A3-D5F27C67B3B5
.quantserve.com/	1970-01-20 07:21:40	Name: d Value: EFUBCQHrJoEA
.quantserve.com/	1970-01-20 14:42:19	Name: mc Value: 62f68b2c-ab6bb-93bf8-407f9
.casalemedia.com/	1970-01-20 07:21:40	Name: CMTS Value: 017

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://grainwiz.com/ Message: Mixed Content: The page at 'https://grainwiz.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grainwiz.com/Content/Images/Icons/footer/icons8-facebook-48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grainwiz.com/ Message: Mixed Content: The page at 'https://grainwiz.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grainwiz.com/Content/Images/Icons/footer/icons8-twitter-48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grainwiz.com/ Message: Mixed Content: The page at 'https://grainwiz.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grainwiz.com/Content/Images/Icons/footer/icons8-secured-letter-48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grainwiz.com/(Line 937) Message: Mixed Content: The page at 'https://grainwiz.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grainwiz.com/Content/Images/Icons/footer/icons8-facebook-48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grainwiz.com/(Line 937) Message: Mixed Content: The page at 'https://grainwiz.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grainwiz.com/Content/Images/Icons/footer/icons8-twitter-48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://grainwiz.com/(Line 937) Message: Mixed Content: The page at 'https://grainwiz.com/' was loaded over HTTPS, but requested an insecure element 'http://www.grainwiz.com/Content/Images/Icons/footer/icons8-secured-letter-48.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
ads.scorecardresearch.com
adservice.google.ca
adservice.google.com
az416426.vo.msecnd.net
beacon.krxd.net
c.bing.com
cc.adingo.jp
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
dashboard.time.ly
dc.services.visualstudio.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
events.time.ly
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grainwiz.com
ib.adnxs.com
idpix.media6degrees.com
image2.pubmatic.com
image6.pubmatic.com
m.addthis.com
match.prod.bidr.io
nationalbankofcanada.d2.sc.omtrdc.net
nationalbankofcanada.demdex.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.everesttech.net
pixel.rubiconproject.com
platform.twitter.com
ps.eyeota.net
rtb.openx.net
s0.2mdn.net
s7.addthis.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
syndication.twitter.com
timely-api-public.s3.us-west-2.amazonaws.com
ton.twimg.com
tpc.googlesyndication.com
us-u.openx.net
usermatch.krxd.net
v1.addthisedge.com
www.bnc.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.grainwiz.com
www.gstatic.com
z.moatads.com
s7.addthis.com
104.18.18.126
104.18.19.126
104.244.42.136
104.36.115.109
104.36.115.113
104.77.220.151
108.138.128.56
142.250.80.98
142.251.40.98
151.101.130.49
172.217.165.130
184.29.133.169
192.35.249.127
20.42.73.140
23.4.225.174
2600:141b:13::17d7:8293
2600:1901:0:8eee::
2600:1f18:1aca:4281:4f5b:6550:560a:4298
2600:9000:20ed:c600:8:48e:53c0:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2606:2800:21f:5b71:3e29:d001:be46:4bcc
2606:2800:21f:c0ec:d236:5e26:ab36:2d30
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:2800:220:1410:489:141e:20bb:12f6
2606:4700::6811:190e
2606:4700::6812:b4f
2606:4700::6812:bcf
2607:f8b0:4004:c17::9a
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2003
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2006
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:c11::200
2a03:2880:f112:182:face:b00c:0:25de
3.223.247.87
3.228.203.55
3.83.73.204
34.201.230.190
34.231.251.31
34.98.64.218
35.190.90.30
35.227.252.103
35.83.53.88
44.205.56.98
52.20.189.152
52.232.133.169
52.92.147.170
54.163.172.200
54.243.94.111
54.80.54.203
63.140.38.117
68.67.160.114
69.173.151.100
72.21.91.70
0159e6c04c1dbc757f226a5c2b4061a54fbf98ddc52cde179009b608ca8d5d09
02692f8b2c913e2d5075a3291a7ce21e84cc478fa24f6255e522d78ecc8aac79
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0560bf8bc327fef92bafc9d026eb84d2e26410c2aa1a212be8402f536360b4c6
07c319f47f8d665899edb357df0c7be079284bc0db311346a748bfc44ce96ede
07e47eb1574ade22717f46f70ee505f5336465030efececa379f2f08f7c749b4
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1f5f851fe32daed8c6e0349e3db919345b30aaaabe50ccba6b112c2b524ab3
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
10003fc797dff0e2fb4886aebde4ec0f03d92bcf1909622180d6a015c93e746a
11b75a0b5fed078ad67bd8e95bdbe78d7ef03844325feac114f0832627339ad2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1ce6c20a3d64fddcc82ca7399a10dc14d187f732ec5516bb156a2562a807301c
21f5ba95d508d21579e0b128dd9f238f8b216449c56b64a01391d58c23567a45
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
299a44f64ae071f6f4ebd2ceb47d7e0670da1a9f7ceeed0bfd41481aa54adc41
2fc3c0aa5808f7e4d933fc5ad8530632c9f4d10730c45fd10e0750da00fcc216
34c44ae8f460289be138ea47a1208041407a96af49b883a67dc6ef9a2509d0cf
36b469cb33491ff164e64f4e999782b8a52c843e28ae01692e75b53571555233
39c5d987dbe039c6bb433ddd30073f9305fd45b4cee59f8b791e6c014dd37c1c
3bb05ac6dc0543527909bf8c4431d3495a5009816ca74e64e7572e4ae9696c61
3eb5828013a74e1584e007c0f58af7391054301587c61c930a04bfdfbf3834b5
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c007b8b6a670abccbeab1d59c5cdef3a388c78264fb7bea0d7fddd0624ff6a
44ecb7493dbbc375188648d34b1b3c66d4985a73c1ac8590011a1fedc062ae41
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45beefe915a5377fd4e5b77e0ed05fdcc682ac48c489791b01c190fc90e9615b
45c5b0e8fe11adb61bdbcbfc17ed633c37dc9d58c0a90148e1e06f2209b8c141
49ad6c529a7a5a4f6c65be2d5cd7945e54d8cad056813602d7e1afa101064a0f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2959c2e7d430fd57517dc460af066bedc099ee9d0dc85cfedc357b809c000a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53092950ee00c5ff4eb5cae55f8000f87f739a42d7a16cde787b6a3eb211c42c
539067c6cc4f1b6196b8b5f5fd524cae861ec45de5079a6f246305576f7ba057
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab
560303e7d056045cc03ab878f71b013e6abe91ddb23f526485b66c4ed3ec455a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5997b2d231bf8e1d62578e8ed7bc0b60e6751c7a87c1762f7e260f65d1bbeb30
59ad41a614fdffcbcddaefa3b42a6b93526f7d4a9780ec2f7b35091ac9bb59e2
5c0f79d0286f1fd3db48e1b689358017b302c0f4babde540329e8c644cf119c7
5f8fd19c8c5b2af3b0dc9d27698c7df62781461c530aab8477d7191ec6c09788
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61475581cf6ab82b4d9791f8c645e69a627668dd8e52818cd47b91cd7211cb2b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
634787dcbca83f18751bc5ae0378ef7fdce3a5674624441b2c67b47541067998
646cf227054240548b28e93d538f780a7a639ccea08a6fefe6e082c098420a29
6687520767fc35bf586668008e8e57801d074a4ee2bf2931d8a70031682c7bd3
68aaa339b88a6730f0b6ff02d231d5d3dc64731cc15136b0b3569573e8308328
6b35b609dd897393a89bd4136038edee6f283fb0cc9b2892552e132db410b48b
6b7e43ffe66d56470e72454e42176805a059221b74a9f9e2af80c9b71cd8bfe3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db7c520abf6a55c2a5872fdbb2720323e4fd68af6d16dc8f90f7cba2604855c
6ddabc4152720fd26d4507a1e4a2d0f486978386e0dffa968ddb5d31adf0b633
71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
795553207ffb9eaffbfb1ae20a8267bdd4ada589bf3cc6f65d44fa02c85e2f47
7a304c3e59405b2d9f573db90b5086b3e892167b187cfd03165aa1e3c4ccc030
7b771e71a3eef771815d01448136686f2359bcf68c4ef223039ffdb16092a47b
7b82ede4c2ea1c01332bcff3a29babdf31e6bcc7d603920f83a6f6034bbfde46
7bd94899742fe20aed702296fa131f8aa99e20955319776620567062349a341c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d6321a89dedbc881047d17987ace671223affed5133a41ddffd9e36b0ff58cf
7edb913cc2ae8ff20b333bed70a5f70ee8356cd4e0ae04939855a879ab5d5eb0
7ee90c47e19befb7ada80b49fb24cbf39da452d32ec60bff99baf63ea257f808
82550845c6fff872fe8b14cc19ea7f7bf4551412224aa262d091b26a21dad63d
83eed0736c5f05f6f59db5203ac8d325b047b9ec34479f05417d92d6093b29a7
856d449b541105219c13a28db9933d3f26f2142d9e58593671b21d9a84f1d05a
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e4625a989c407c7d061123f2904489aeaa9a106c159639f411a02f7d7003f3c
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9416aca672bff227bcbbbcda358a781cf9f9cdb26bd8055f5ed99e3dd2f03b33
96db8ef4732bc17a5078036abed6c7ad1c76907df0cb366a2263b600272efb6b
980d4f5dd05ace6f4043f131099b5bd7a85294db635f96cf9ae4f4094e80952e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9999b9970937a55eca193aa7702cebaf1609a2483b22fed806c662860dafc1a4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9c7808f8e99aabb6e8f7295faf5e96fcb7386052fa4a7ffe7d7400479d811859
9e8d8702068db672f2aa99fb189b3e3697328b7545096b31b6deb8fe59911210
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15e71d8748dec328c276fca8dd90ac8114462923c3246d48c172c4a9b7f1612
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a334b6389d9dc474a86d1c0f09595ce7127c56f30d3366f541a172ff3224e3de
a3f64b268a1207fab3c3ac24b1ebe936605e715356da7fbdbed312ae08834605
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d7b52eeb5960f2883f8eeb0a863141f5d835d3e26df146dd1773272426db98
a521874465ed979a58c74aafffb053eadb31a28c217edcf00a1166b5ca2d2db4
a52e81725f7086f0536b8ffa8426362a5a14ec3e1c6554dae3424828559d6883
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5fbe25e6a063573c28374980b46cdd080eb292f88ca23d8c53d0d1d90907530
a6e975d159b4b266bb809f17c1a30d0c50227bc09366bd5390af6d7ba70a78da
a7576f279ff8ab6c3da0eec3cb53a07b71166ceccc21ba428711cfb3fe319d05
a791b036f035c95e4d359ec4db11cc5fc6946788dcf4731891a77a84efde0b1e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef46ba347c06ad90d5ce01277840b35948a66159a0ac4c90ec1d3168deb5aa0
af64d5a25bc4dc089ed55d8639deb40b0e03fd7ea3837f76561c18b4869064a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2064d3dbb9f3c86615749674f615191019e26b858d1fd36400c16f8557f1b98
b5217d3ee7f2c6f03a62436a6278d72c4494279a42006ea7eb188598ee3d61c8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5d9b7e765b7d070b9b53b62562c5b05201dbce113bf2301366163d5dd44e7cb
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bad50f3f6e46248680672883253594e60d609074c57cdc552fcd4b41fb21e2d7
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c544b45e7ad8449c73c69ff2306cf09c4feac428d95ac05a758191d9024627ec
c6b72be229813abf6b465a8472cc41824b43cc751a7b827809a123e9747c2c05
c79a666ff40092caed60c0407c8b199b508fbff2db871f34d53e09cec313816d
c8ec17603e3e27d88581f0464a7c2a62f278751b66243aac8b99d820faaf03f9
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9ad7ee4e2f85b083f1fb5aa15242dec537bdfff2c21cc62f08f5e54c742a5bd
ccdf283e8b0db6c7f1ae42eda5ede517488b36faf4ff618e8ef6f995c889a4ed
cfb15551a7419ed5078cc0a979872f359c71ad7179471fc6e2d9a8c72a457c0a
d03e906db303d7268f0c19c8b4c1d398fb3c6f2e37985b98522e8936effaa0bf
d12a0d30f346e809bdceea8650532c61412880392c78634330350133ca69b58b
d45e7ef2e0220f1c61197c20c33ec8652e0dc6a753ef49437b5ee637f3fcbea4
d4ef5873f1022937376cdd3e3c10e83fbf8ef498619f3d76a5d24935c92b6d1d
d83861d426ae115a195853ee1b98d6755038a4836949cf3153ddc5dae29abef6
d946d57c165c42205d43e24f79dfb66a6cf5c69ff7f20768433dc39bc411c323
daab7e2668e7de6a47bf0b5bad0fc0a10daffe725a6d458d5440f38f4aab8259
db97d7c393aa5e4bd5eaeed2270dc4e8886d8255fd7f7225610dffd6c311a215
dca663d76b688d67e57975b970fbd786b7159dbf91ac4feff8ce4ce80416b4a2
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dfb793dcb72438d3a4e1baf1be086af8cc1d189a7f0b9f9188fb39a0858a752f
dfbaddc502250e4498ac7abcf93d6c1c429d958aeabc77e21953a29985519341
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7a765f95812ecb3e764f937108a02997cc941adf0d20d214b7155cd0ecd3b75
ebb781830c811c336a6abc3edcfd58ef77338b51231de042830fd3767b406c82
ed2c94e3e51550c045108a1a872fa70e568609b5b9875a597e80ab5a5ea00aca
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee61150ae49092a53d352d8cd975a133b9596bb3cb15316ae97b6439eaf1d9ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ee418f6658e208bbda398f6216ac78dc40cc5577e1b91347334d5a19dca29
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f9130348db7170132f6bfb519a4c8f4642ad71b5932fce17a2eec33d16946003
fb5ce95a59108f2da0501c20badc541998f08d37cda9f04d6eba98fe756dc1e9

grainwiz.com Open in urlscan Pro 52.232.133.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

83 %HTTPS

44 %IPv6

46 Domains

68 Subdomains

49 IPs

3 Countries

9008 kBTransfer

12171 kBSize

60 Cookies

12 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

grainwiz.com Open in urlscan Pro
52.232.133.169 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

83 %
HTTPS

44 %
IPv6

46
Domains

68
Subdomains

49
IPs

3
Countries

9008 kB
Transfer

12171 kB
Size

60
Cookies

210 HTTP transactions
7 data transactions