urlscan.io logo urlscan.io
SecurityTrails logo

canoe.com Open in urlscan Pro
34.117.147.204  Public Scan

Go To Rescan Add Verdict Report
URL: https://canoe.com/puzzles/
Submission: On January 23 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 6 countries across 88 domains to perform 347 HTTP transactions. The main IP is 34.117.147.204, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is canoe.com. The Cisco Umbrella rank of the primary domain is 787748.
TLS certificate: Issued by GTS CA 1D4 on November 25th 2023. Valid for: 3 months.
This is the only time canoe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.117.147.204 396982 (GOOGLE-CL...)
1 142.251.40.234 15169 (GOOGLE)
7 142.250.65.162 15169 (GOOGLE)
3 18.238.63.215 16509 (AMAZON-02)
1 3 23.205.2.235 16625 (AKAMAI-AS)
1 54.192.51.120 16509 (AMAZON-02)
14 34.117.54.29 396982 (GOOGLE-CL...)
1 13.225.195.7 16509 (AMAZON-02)
2 104.26.1.62 13335 (CLOUDFLAR...)
2 52.85.61.109 16509 (AMAZON-02)
1 172.64.142.6 13335 (CLOUDFLAR...)
9 66.6.101.151 11320 (LIGHTEDGE...)
2 104.18.5.235 13335 (CLOUDFLAR...)
6 13.107.6.158 8068 (MICROSOFT...)
1 151.101.2.114 54113 (FASTLY)
2 5 13.35.93.67 16509 (AMAZON-02)
1 104.18.41.170 13335 (CLOUDFLAR...)
4 142.251.41.3 15169 (GOOGLE)
1 54.192.51.124 16509 (AMAZON-02)
2 151.101.1.229 54113 (FASTLY)
1 23.1.200.228 16625 (AKAMAI-AS)
2 104.18.35.167 13335 (CLOUDFLAR...)
1 104.26.0.62 13335 (CLOUDFLAR...)
2 172.64.97.32 13335 (CLOUDFLAR...)
5 34.195.72.146 14618 (AMAZON-AES)
1 3.161.212.32 16509 (AMAZON-02)
3 74.119.119.131 19750 (AS-CRITEO)
1 108.138.128.124 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
22 157.185.170.144 54994 (ML-1432-5...)
11 142.251.41.8 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
2 6 68.67.179.87 29990 (ASN-APPNEX)
1 8.43.72.32 26667 (RUBICONPR...)
1 74.119.119.129 19750 (AS-CRITEO)
2 34.235.214.237 14618 (AMAZON-AES)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 104.36.115.111 62713 (AS-PUBMATIC)
9 34.107.254.252 396982 (GOOGLE-CL...)
1 104.17.119.17 13335 (CLOUDFLAR...)
2 13 52.46.130.91 16509 (AMAZON-02)
2 15 104.18.36.155 13335 (CLOUDFLAR...)
7 34.236.67.173 14618 (AMAZON-AES)
3 23.51.57.13 16625 (AKAMAI-AS)
6 23.47.170.102 16625 (AKAMAI-AS)
2 6 34.98.64.218 396982 (GOOGLE-CL...)
3 9 63.251.86.50 10913 (INTERNAP-BLK)
8 10 142.250.81.226 15169 (GOOGLE)
11 11 35.71.131.137 16509 (AMAZON-02)
3 3 35.174.57.140 14618 (AMAZON-AES)
1 1 50.116.194.23 6336 (TURN-US-ASN)
2 2 13.225.63.53 16509 (AMAZON-02)
2 2 199.38.167.130 54312 (ROCKETFUEL)
2 3 35.244.154.8 15169 (GOOGLE)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 1 54.146.129.87 14618 (AMAZON-AES)
3 3 54.208.16.196 14618 (AMAZON-AES)
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 142.251.41.1 15169 (GOOGLE)
4 3.214.92.171 14618 (AMAZON-AES)
5 54.192.51.34 16509 (AMAZON-02)
1 151.101.2.133 54113 (FASTLY)
7 142.251.40.129 15169 (GOOGLE)
2 142.250.65.226 15169 (GOOGLE)
3 142.251.32.100 15169 (GOOGLE)
3 3.209.220.168 14618 (AMAZON-AES)
6 216.239.38.181 15169 (GOOGLE)
3 172.253.63.155 15169 (GOOGLE)
3 142.250.65.227 15169 (GOOGLE)
4 142.250.80.14 15169 (GOOGLE)
2 172.67.159.162 13335 (CLOUDFLAR...)
2 31.13.71.7 32934 (FACEBOOK)
1 13.225.195.35 16509 (AMAZON-02)
1 18.164.101.60 16509 (AMAZON-02)
3 35.244.193.51 396982 (GOOGLE-CL...)
2 8.28.7.81 62713 (AS-PUBMATIC)
7 7 69.194.240.13 26120 (RHYTHMONE)
1 1 50.116.194.21 6336 (TURN-US-ASN)
7 151.101.66.133 54113 (FASTLY)
4 54.192.51.102 16509 (AMAZON-02)
2 54.192.51.72 16509 (AMAZON-02)
1 13.226.34.6 16509 (AMAZON-02)
1 31.13.71.36 32934 (FACEBOOK)
20 52.21.192.107 14618 (AMAZON-AES)
1 34.237.166.49 14618 (AMAZON-AES)
2 104.18.4.235 13335 (CLOUDFLAR...)
1 3.161.213.102 16509 (AMAZON-02)
6 8 8.43.72.97 26667 (RUBICONPR...)
1 54.144.144.142 14618 (AMAZON-AES)
9 14 8.43.72.98 26667 (RUBICONPR...)
1 3 34.228.147.189 14618 (AMAZON-AES)
1 67.220.226.238 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 2 52.73.63.104 14618 (AMAZON-AES)
1 147.28.146.89 54825 (PACKET)
4 4 3.225.218.10 14618 (AMAZON-AES)
1 23.55.235.168 20940 (AKAMAI-ASN1)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 54.152.50.166 14618 (AMAZON-AES)
1 1 18.238.80.80 16509 (AMAZON-02)
1 1 18.164.96.10 16509 (AMAZON-02)
1 54.192.51.45 16509 (AMAZON-02)
2 57.128.96.92 16276 (OVH)
1 23.51.56.248 16625 (AKAMAI-AS)
8 23.56.162.28 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 1 54.86.68.242 14618 (AMAZON-AES)
6 142.251.40.98 15169 (GOOGLE)
2 18.204.119.111 14618 (AMAZON-AES)
1 1 23.105.12.170 30633 (LEASEWEB-...)
1 63.251.28.233 13789 (INTERNAP-...)
2 2 151.101.130.49 54113 (FASTLY)
1 1 34.231.250.139 14618 (AMAZON-AES)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 74.119.119.139 19750 (AS-CRITEO)
1 69.166.1.34 27630 (AS-XFERNET)
2 23.52.160.28 16625 (AKAMAI-AS)
1 1 74.119.119.150 19750 (AS-CRITEO)
1 35.211.178.172 19527 (GOOGLE-2)
2 2 64.202.112.31 23352 (SERVERCEN...)
2 2 35.207.24.140 15169 (GOOGLE)
2 99.83.181.31 16509 (AMAZON-02)
1 34.120.107.143 396982 (GOOGLE-CL...)
1 52.71.57.44 14618 (AMAZON-AES)
1 35.190.39.111 15169 (GOOGLE)
1 104.21.50.90 13335 (CLOUDFLAR...)
2 172.64.145.177 13335 (CLOUDFLAR...)
347 106
1    34.117.147.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.147.117.34.bc.googleusercontent.com
canoe.com
1    142.251.40.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net
fonts.googleapis.com
7    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
securepubads.g.doubleclick.net
3    18.238.63.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-63-215.jfk52.r.cloudfront.net
c.amazon-adsystem.com
3    23.205.2.235 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    54.192.51.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-120.yul62.r.cloudfront.net
cdn.adsafeprotected.com
14    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
dcs-static.gprod.postmedia.digital
fem.gprod.postmedia.digital
1    13.225.195.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-7.yul62.r.cloudfront.net
ak.sail-horizon.com
2    104.26.1.62 (None, )

ASN13335 (CLOUDFLARENET, US)
tags.qortex.ai
2    52.85.61.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-109.ewr53.r.cloudfront.net
cdn.jwplayer.com
1    172.64.142.6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
9    66.6.101.151 (Lavaca, United States)

ASN11320 (LIGHTEDGE-AS-02, US)
entertainment.service.amuniversal.com
2    104.18.5.235 (None, )

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
6    13.107.6.158 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: bingforbusiness.com
edge-auth.microsoft.com
1    151.101.2.114 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
5    13.35.93.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-67.jfk50.r.cloudfront.net
sb.scorecardresearch.com
1    104.18.41.170 (None, )

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
4    142.251.41.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net
fonts.gstatic.com
1    54.192.51.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-124.yul62.r.cloudfront.net
config.aps.amazon-adsystem.com
2    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    23.1.200.228 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-228.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    104.26.0.62 (None, )

ASN13335 (CLOUDFLARENET, US)
events.qortex.ai
2    172.64.97.32 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
5    34.195.72.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-72-146.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    3.161.212.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-212-32.yul62.r.cloudfront.net
aax.amazon-adsystem.com
3    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
22    157.185.170.144 (Canada)

ASN54994 (ML-1432-54994, CA)
avatar.amuniversal.com
11    142.251.41.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
6    68.67.179.87 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    8.43.72.32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
2    34.235.214.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-214-237.compute-1.amazonaws.com
btlr.sharethrough.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    104.17.119.17 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
13    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
15    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7    34.236.67.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-67-173.compute-1.amazonaws.com
match.sharethrough.com
3    23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    23.47.170.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-170-102.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
google-bidout-d.openx.net
9    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
ce.lijit.com
10    142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
cm.g.doubleclick.net
11    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
3    35.174.57.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-57-140.compute-1.amazonaws.com
i.liadm.com
1    50.116.194.23 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: d-atl1.turn.com
d.turn.com
2    13.225.63.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-53.ewr53.r.cloudfront.net
live.rezync.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    54.146.129.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-129-87.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    54.208.16.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-16-196.compute-1.amazonaws.com
pm.w55c.net
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    142.251.41.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f1.1e100.net
499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com
4    3.214.92.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-92-171.compute-1.amazonaws.com
postmedia.hub.loginradius.com
5    54.192.51.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-34.yul62.r.cloudfront.net
cdn.viafoura.net
1    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
7    142.251.40.129 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
www.googletagservices.com
3    142.251.32.100 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f4.1e100.net
www.google.com
3    3.209.220.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-220-168.compute-1.amazonaws.com
api.viafoura.co
6    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
stats.g.doubleclick.net
3    142.250.65.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net
www.google.ca
4    142.250.80.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f14.1e100.net
www.google-analytics.com
2    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
1    13.225.195.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-35.yul62.r.cloudfront.net
get.s-onetag.com
1    18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net
cdn.parsely.com
3    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
ad.turn.com
7    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
identity.mparticle.com
jssdks.mparticle.com
4    54.192.51.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-102.yul62.r.cloudfront.net
static.adsafeprotected.com
2    54.192.51.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-72.yul62.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.226.34.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-6.ewr53.r.cloudfront.net
signal-beacon.s-onetag.com
1    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
20    52.21.192.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-192-107.compute-1.amazonaws.com
dt.adsafeprotected.com
1    34.237.166.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-166-49.compute-1.amazonaws.com
i.viafoura.co
2    104.18.4.235 (None, )

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
1    3.161.213.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-102.yul62.r.cloudfront.net
placement-prd.jwpltx.com
8    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
14    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
3    34.228.147.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-147-189.compute-1.amazonaws.com
pr-bh.ybp.yahoo.com
1    67.220.226.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.73.63.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-63-104.compute-1.amazonaws.com
match.prod.bidr.io
1    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.55.235.168 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-168.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    54.152.50.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-50-166.compute-1.amazonaws.com
sync.ipredictive.com
1    18.238.80.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-80.jfk52.r.cloudfront.net
live.primis.tech
1    18.164.96.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-10.jfk50.r.cloudfront.net
sync.intentiq.com
1    54.192.51.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-45.yul62.r.cloudfront.net
sync1.intentiq.com
2    57.128.96.92 (Paris, France)

ASN16276 (OVH, FR)
PTR: haproxy06.cl11.ovh.mrf.io
events.newsroom.bi
1    23.51.56.248 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-56-248.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    54.86.68.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-68-242.compute-1.amazonaws.com
ssp.disqus.com
6    142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
pagead2.googlesyndication.com
2    18.204.119.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-119-111.compute-1.amazonaws.com
prebid-a.rubiconproject.com
1    23.105.12.170 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
1    63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.231.250.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-250-139.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    23.52.160.28 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-28.deploy.static.akamaitechnologies.com
cs.media.net
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
1    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.71.57.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-57-44.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    104.21.50.90 (None, )

ASN13335 (CLOUDFLARENET, US)
experiences.mrf.io
2    172.64.145.177 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.ribn.com
Apex Domain
Subdomains		 Transfer
34 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 2971
ads.rubiconproject.com — Cisco Umbrella Rank: 2076
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2989
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
218 KB
31 amuniversal.com
entertainment.service.amuniversal.com — Cisco Umbrella Rank: 371931
avatar.amuniversal.com — Cisco Umbrella Rank: 141806
3 MB
30 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3571
pixel.adsafeprotected.com — Cisco Umbrella Rank: 851
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
220 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
200 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
87 KB
15 casalemedia.com
htlb.casalemedia.com Failed
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
11 KB
14 googlesyndication.com
499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
244 KB
14 postmedia.digital
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 100889
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 122053
212 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
data.adsrvr.org — Cisco Umbrella Rank: 5024
4 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
contextual.media.net — Cisco Umbrella Rank: 709
cs.media.net — Cisco Umbrella Rank: 1236
15 KB
11 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
869 KB
10 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2271
cdn.permutive.com — Cisco Umbrella Rank: 3125
51 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
1 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 978
match.sharethrough.com — Cisco Umbrella Rank: 508
4 KB
9 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671 Failed
ce.lijit.com — Cisco Umbrella Rank: 859
8 KB
8 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6679
identity.mparticle.com — Cisco Umbrella Rank: 3089
jssdks.mparticle.com — Cisco Umbrella Rank: 6177
116 KB
7 openx.net
rtb.openx.net Failed
u.openx.net — Cisco Umbrella Rank: 683
us-u.openx.net — Cisco Umbrella Rank: 524
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
2 KB
7 yahoo.com
c2shb.pubgw.yahoo.com Failed
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
secure.adnxs.com — Cisco Umbrella Rank: 490
23 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5021
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 7257
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5129
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 5546
20 KB
6 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
18 KB
6 microsoft.com
edge-auth.microsoft.com — Cisco Umbrella Rank: 41324
307 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
3 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 12957
215 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
gum.criteo.com — Cisco Umbrella Rank: 423
dis.criteo.com — Cisco Umbrella Rank: 608
7 KB
5 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1299
lexicon.33across.com — Cisco Umbrella Rank: 1517
9 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
6 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13187
i.viafoura.co — Cisco Umbrella Rank: 13541
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 127540
1 KB
4 gstatic.com
fonts.gstatic.com
61 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 60316
config.lrcontent.com — Cisco Umbrella Rank: 24269
100 KB
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9261
experiences.mrf.io — Cisco Umbrella Rank: 10063
59 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
578 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
873 B
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
2 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
creativecdn.com — Cisco Umbrella Rank: 564
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
75 KB
3 qortex.ai
tags.qortex.ai — Cisco Umbrella Rank: 23301
events.qortex.ai — Cisco Umbrella Rank: 19471
14 KB
2 ribn.com
assets.ribn.com — Cisco Umbrella Rank: 129846
8 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
829 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
640 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
2 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7316
2 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
523 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
1 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3040
p1.parsely.com — Cisco Umbrella Rank: 2229
22 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
94 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
131 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1381
ad.turn.com — Cisco Umbrella Rank: 843
850 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
12 KB
2 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 12197
772 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
2 KB
2 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2653
23 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4356
494 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
399 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1604
563 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
655 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
297 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1487
309 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
556 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
493 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
650 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
451 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
513 B
1 jwpltx.com
placement-prd.jwpltx.com — Cisco Umbrella Rank: 133429
203 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
695 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
1 KB
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 173134
379 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
17 KB
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 136809
116 KB
1 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2844
20 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7784
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3585
33 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 canoe.com
canoe.com — Cisco Umbrella Rank: 787748
19 KB
0 avct.cloud Failed
ads.avct.cloud Failed
347 88
Domain Requested by
22 avatar.amuniversal.com entertainment.service.amuniversal.com
20 dt.adsafeprotected.com canoe.com
13 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
match.sharethrough.com
canoe.com
ce.lijit.com
12 pixel.rubiconproject.com 7 redirects s.amazon-adsystem.com
canoe.com
11 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
11 www.googletagmanager.com entertainment.service.amuniversal.com
www.googletagmanager.com
fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
canoe.com
www.google-analytics.com
10 match.adsrvr.org 10 redirects
10 cm.g.doubleclick.net 8 redirects s.amazon-adsystem.com
10 dcs-static.gprod.postmedia.digital canoe.com
dcs-static.gprod.postmedia.digital
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
9 entertainment.service.amuniversal.com canoe.com
entertainment.service.amuniversal.com
8 contextual.media.net micro.rubiconproject.com
contextual.media.net
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
canoe.com
7 securepubads.g.doubleclick.net canoe.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 analytics.google.com www.googletagmanager.com
6 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
micro.rubiconproject.com
contextual.media.net
6 edge-auth.microsoft.com canoe.com
edge-auth.microsoft.com
5 sync.1rx.io 5 redirects
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 ib.adnxs.com 1 redirects 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
acdn.adnxs.com
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
canoe.com
5 sb.scorecardresearch.com 2 redirects canoe.com
fem.gprod.postmedia.digital
4 ups.analytics.yahoo.com 4 redirects
4 static.adsafeprotected.com pixel.adsafeprotected.com
canoe.com
4 identity.mparticle.com jssdkcdns.mparticle.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 u.openx.net 2 redirects s.amazon-adsystem.com
micro.rubiconproject.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4 fonts.gstatic.com fonts.googleapis.com
4 fem.gprod.postmedia.digital canoe.com
fem.gprod.postmedia.digital
3 gum.criteo.com contextual.media.net
static.criteo.net
gum.criteo.com
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 jssdks.mparticle.com jssdkcdns.mparticle.com
3 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
3 www.google.ca canoe.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api.viafoura.co cdn.viafoura.net
3 www.google.com securepubads.g.doubleclick.net
canoe.com
tpc.googlesyndication.com
3 pm.w55c.net 3 redirects
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 i.liadm.com 3 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
micro.rubiconproject.com
contextual.media.net
3 ap.lijit.com micro.rubiconproject.com
canoe.com
3 static.criteo.net securepubads.g.doubleclick.net
micro.rubiconproject.com
static.criteo.net
3 c.amazon-adsystem.com canoe.com
c.amazon-adsystem.com
2 assets.ribn.com www.googletagmanager.com
canoe.com
2 rtb.mfadsrvr.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 cs.media.net contextual.media.net
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 events.newsroom.bi sdk.mrf.io
2 pixel.tapad.com 1 redirects s.amazon-adsystem.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 match.prod.bidr.io 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 config.lrcontent.com auth.lrcontent.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 sync.targeting.unrulymedia.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 connect.facebook.net canoe.com
connect.facebook.net
2 sdk.mrf.io canoe.com
sdk.mrf.io
2 www.googletagservices.com securepubads.g.doubleclick.net
2 ums.acuityplatform.com 2 redirects
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 btlr.sharethrough.com micro.rubiconproject.com
2 api.fouanalytics.com tags.qortex.ai
canoe.com
2 cdn-ima.33across.com canoe.com
securepubads.g.doubleclick.net
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com canoe.com
cdn.viafoura.net
2 cdn.jwplayer.com canoe.com
cdn.jwplayer.com
2 tags.qortex.ai canoe.com
tags.qortex.ai
1 experiences.mrf.io sdk.mrf.io
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 oajs.openx.net oa.openxcdn.net
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 x.bidswitch.net contextual.media.net
1 dis.criteo.com 1 redirects
1 us-u.openx.net contextual.media.net
1 sync.go.sonobi.com contextual.media.net
1 secure-assets.rubiconproject.com 1 redirects
1 data.adsrvr.org 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ssp.disqus.com 1 redirects
1 js-sec.indexww.com micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 sync.ipredictive.com 1 redirects
1 hb.yahoo.net s.amazon-adsystem.com
1 prebid.a-mo.net s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 p1.parsely.com canoe.com
1 placement-prd.jwpltx.com canoe.com
1 i.viafoura.co cdn.viafoura.net
1 www.facebook.com canoe.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 ad.turn.com 1 redirects
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.mathtag.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 d.turn.com 1 redirects
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 events.qortex.ai tags.qortex.ai
1 secure.cdn.fastclick.net canoe.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ssl.p.jwpcdn.com cdn.jwplayer.com
1 www.npttech.com canoe.com
1 ak.sail-horizon.com canoe.com
1 cdn.adsafeprotected.com canoe.com
1 micro.rubiconproject.com canoe.com
1 fonts.googleapis.com canoe.com
1 canoe.com
0 ads.avct.cloud Failed ce.lijit.com
0 htlb.casalemedia.com Failed micro.rubiconproject.com
0 rtb.openx.net Failed micro.rubiconproject.com
0 c2shb.pubgw.yahoo.com Failed micro.rubiconproject.com
347 147
Subject Issuer Validity Valid
canoe.com
GTS CA 1D4		 2023-11-25 -
2024-02-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2024-01-02 -
2024-04-01		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02		 2023-12-04 -
2024-12-30		 a year crt.sh
qortex.ai
GTS CA 1P5		 2023-12-20 -
2024-03-19		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
entertainment.service.amuniversal.com
Go Daddy Secure Certificate Authority - G2		 2023-12-08 -
2025-01-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
edge-auth.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-28 -
2024-11-22		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
fouanalytics.com
E1		 2024-01-05 -
2024-04-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2024-01-22 -
2024-04-22		 3 months crt.sh
ssl.cdngc.net
GlobalSign RSA OV SSL CA 2018		 2023-04-28 -
2024-05-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-02 -
2024-08-13		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.loginradius.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-11		 a year crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2024-01-23 -
2024-04-22		 3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-09-16 -
2024-10-17		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2024-01-05 -
2024-04-04		 3 months crt.sh

This page contains 35 frames:

Primary Page: https://canoe.com/puzzles/
Frame ID: D46EB0B3B04EF319E1367C9478E0276C
Requests: 183 HTTP requests in this frame

Frame: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Frame ID: EBFC2DE4CDA451FB3F1D76C27A3069CB
Requests: 32 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v94.0/xd.html
Frame ID: 541AE60D6B6D4B6F6CC3382543D576E1
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Frame ID: 330F69A8A1BDB1BBE46DF8307C210D33
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: A287C04FECCDAA9D9A30FDF62EDDC70E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 10F1447036D5056E2AE575B73BADE6EB
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 597B4CA2773D4723CBCEC901F635E6AF
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 42474AA3C83CDCE06CD41BB1CA7CCFC7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 7DC7B899F39C1803BCABFC96FC27A5DE
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 5D422878899476233526FC46BF1B20CB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7382765016243788889&ex=appnexus.com
Frame ID: 985091071CE9B4B88C3921EB9BBA541C
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 28C6CD2F38C64DDC504A07AA079789D0
Requests: 7 HTTP requests in this frame

Frame: https://499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBF4B30A2CD77570927D72CF8D63001A
Requests: 1 HTTP requests in this frame

Frame: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Frame ID: 113C91AC1B41BA5D648958BC882CEDB6
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x600&pubId=4811995650&chanId=21690693772&placementId=6336354690&pubCreative=138438278549&pubOrder=3224663197&cb=452367189&custom=index&custom2=rr1&adsafe_par&impId=bee99313-ba07-11ee-853e-029df323959b
Frame ID: 05F3F33EFC6A4A34EDE6DEF35DACCC1D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssD2OBJmy6oQFTNlSn6yGOiZF0FqjqlOZwfSbzFEdwdIYnIdT6B_Sb4CpMC20MILff9etSvVj57UqY0-ggyJ-hadvpFLVwKDQAVyBH15AmmmTtodIiF7EuYzeIeapsdc7ioKIOxAcsnr0hkPr05sFpH5AOgFZ81VB0AfaRlvoMzCvkVUCiNMdbhppW8dHu8D7ZHRsxWJWcVVip37zfDNxrfEwz_Su35D0C-fq_Q585fn5AJdXiZ-kgM2YbUNQ_PdI09viXVtgZFTFaO5weAvmYTXnoKwE1XM4_6iShAZVD3FGT1vVyUn5eddRMyr8rJCj7L8DNeBX54jowW9g4-j4uVNXUO9Wh1yS3Xkw57nxdhLQ7B2--_-3CvetzFVhLpIR7E0qdHHjbE91Cs7AMGvmhQ&sai=AMfl-YQP5G00lH-htPdpVcb8YirOQeEgpSEP6LBfgrAOJ7BG7AI8020ytUm7iVhW-crAGq6IQvFyUc0A6F_0wee4EeoY7l1Z551JzYG7rliYD7ukg19nlkrmxlc80hrI_jQ&sig=Cg0ArKJSzE5lyQncdJJSEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6F33367EFC7B27052FA213DEFC5D2AA2
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6441232483&pubCreative=138458675913&pubOrder=3291647976&cb=6078444&custom=index&custom2=1&adsafe_par&impId=bee99312-ba07-11ee-853e-029df323959b
Frame ID: 78C6F7F0CB72B1CDCA6EF91ECDDFFC9F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssABby-i-4VRgnAGYQbE_yYXh415cghh3rkdsycvRGMxsw2drlxP-NYLfoOsVC0imETHUFQkjg8KtO4skdqhzGOrbDO5YUqFXmsa4EbtqhOD5dHKZjl4YknmYM_lmly-H_091cGEK90b1MgBQ1SzEYv6tx3cmM6g_bpFF2u7XinwISJraj8QaN04wLtlwJhT273SkTG-sn_OmTK-7x1GjmdXk6mfZyOemr7Ge6-OWRnOEPEXJdMCz2D8TjG-_PGHowVnpPBjfljxfSWwAQvtNGnvV5G53ZKRb-9p-G670MT3NwhQZeK0W5WafZ36vOPyxouLyX6INzcGwBy0eR7s7UmjqnoGM-Iu-lnyW71HI6KtWbf8OBz8SiIna3sjziBSrR3XlvCscmmu6jE7NjeRxvU&sai=AMfl-YR2YlqB5Cu5Ka9ULpS3x9YMZTEl_krg5KlD3mGthL8y_9meGsHa1-QMEoE1pwknrZHDAM4K4b1Dm8iCni5zhZaKARPizQfZh8JuNvVEnsdhdfDiZsnRS38whaXFNt4&sig=Cg0ArKJSzFHUtiqyf3QrEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7075EC254E9BE027D56D0C5310705195
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 856B1383D0B8E3C03F8DDEC9C6F88D08
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A0CECDF41A2097B45179932B10D8B3B0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29964F1807B7ABEAA5688935D200604B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: CBF3EE0770FEB5279929EF0DB0E0DAC8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7CD0E2B04E7A93FCA8DA60884EB1DB10
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: DA995B4A9805EB7CF0F32907303D00D2
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1186F87C08ACA908C83E5011E380CFB7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 8A250E7DA4710733076BBB07A86ECEDA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9E35DBBCABBD439057D097F772C7EC73
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 31694628FC2594FEC71F5A355BCA3123
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3490269009335648000V10&type=rkt&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=969751697225496346
Frame ID: 455D34E6B46FCAB7E6E1A00C3E238CCD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dpba%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3DPM_UID
Frame ID: 78E7BC03538F5E835AC285E58BB1E46A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 70420EE915A83EB07D7D31F0514C0650
Requests: 1 HTTP requests in this frame

Frame: https://experiences.mrf.io/passexperience/dw-check.html?v=6
Frame ID: B24B44DEDB57E73A077F9CC8318828D0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=canoe.com
Frame ID: 95D9F7D35560900DD5B9ABC93A87BCCC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5BC6A235FD95F801532137D74523CE58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 711B419ABCECC1E92B42D8765E3BC354
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Puzzles and Games | Canoe.ComCanoe.comUser

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

347
Requests

82 %
HTTPS

0 %
IPv6

88
Domains

147
Subdomains

106
IPs

6
Countries

7259 kB
Transfer

15394 kB
Size

146
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 79
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706025292504&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706025292504&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9=
Request Chain 105
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Request Chain 114
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 119
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7382765016243788889&ex=appnexus.com
Request Chain 120
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDB35pUbgKz8QPRfK-bQ-Rg&google_cver=1
Request Chain 123
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&expiration=1708617299&gdpr=0&gdpr_consent=
Request Chain 124
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za-hTsAd2z0o6YwhzgsgZwAA%263792&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za-hTsAd2z0o6YwhzgsgZwAA%263792&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=91e6910f6b774f44b8d4ef812555a35d HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8109771040243830765 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=91e6910f-6b77-4f44-b8d4-ef812555a35d HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=420bbdb5-c637-400e-8aa0-8d82cb81fffc%3A1706025303.4901533&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D420bbdb5-c637-400e-8aa0-8d82cb81fffc%253A1706025303.4901533%26_%3D1706025303.4930887&cb=1706025303.493123 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969751697225496346&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D420bbdb5-c637-400e-8aa0-8d82cb81fffc%253A1706025303.4901533%26_%3D1706025303.4930887 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=420bbdb5-c637-400e-8aa0-8d82cb81fffc%3A1706025303.4901533&_=1706025303.4930887 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc0MjBiYmRiNS1jNjM3LTQwMGUtOGFhMC04ZDgyY2I4MWZmZmM6MTcwNjAyNTMwMy40OTAxNTMzEAAaDQjXwr-tBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBLSofhmCjAEtkUUX3i8X-s&google_cver=1
Request Chain 126
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880325415258&us_privacy=1---
Request Chain 127
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=L210gdPvUHluIbjuXEkqnj4DJIw
Request Chain 128
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=AqzA1y3t1Rsj715
Request Chain 129
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=878e65af-e14e-4d00-8a20-c231dd793b4c&gdpr=&gdpr_consent=
Request Chain 181
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YzdmOWY0ODMtMDk4NC00MWU2LWFiMzgtNDdkNDA5YjdhZGFi HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 183
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1706025296170 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=644512393 HTTP 302
  • https://sync.1rx.io/usersync/turn/8109771040243830765?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_id%3DRX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
Request Chain 184
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=61cac47a-0c8b-0788-0f6f-df1a641d9fbd
Request Chain 223
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 243
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRQJETK1-3-JHMR HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
Request Chain 246
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gkm7juN7Sz68868N4c-EMg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gkm7juN7Sz68868N4c-EMg
Request Chain 247
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
Request Chain 248
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJRSkVUSzEtMy1KSE1S HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPk2y814CTm4P9adklUZhjM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJRSkVUSzEtMy1KSE1S&google_push=
Request Chain 249
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ajRC0QBSl_SnQcEDi7QTIQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VsmyTIpE2oJkNW8c3bOFIDHuTa3XP6i8Gm6etg--~A
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN8ojNAH3IaY6rFadqMI-2c&google_cver=1
Request Chain 252
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=&expires=30
Request Chain 253
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQJETK1-3-JHMR
Request Chain 254
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzBkMzUxOGQ2NmUxMWUwNzliNmRlYzA4YjVmZmY0NmY1Y2I1NGRhZg
Request Chain 255
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB7FU7LX8MAABL0ILIbdQ&expires=30
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRQJETK1-3-JHMR
Request Chain 257
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRQJETK1-3-JHMR&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRQJETK1-3-JHMR&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRQJETK1-3-JHMR&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OQ0ZrSnRsRTJ1RzRNdm44NjZPenZnVF96QnBNSk5Ibn5B&ovsid=LRQJETK1-3-JHMR&dpid=58160
Request Chain 258
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRQJETK1-3-JHMR&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRQJETK1-3-JHMR&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 259
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRQJETK1-3-JHMR HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LRQJETK1-3-JHMR
Request Chain 260
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9d813f7f-f811-48f3-85aa-0a9db2943f3d&expires=30
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRQJETK1-3-JHMR HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRQJETK1-3-JHMR HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRQJETK1-3-JHMR&ckls=true&ci=t8viExOEnz&nc=false&trid=122938320
Request Chain 275
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9308ec43-e3ae-3f31-a291-3ead55bb98f8
Request Chain 285
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za-hTsAd2z0o6YwhzgsgZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKu3rL9OBLx86MaSS-c2VF8&google_cver=1
Request Chain 286
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7382765016243788889
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
Request Chain 289
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6090886847504423763&gdpr=0&gdpr_consent=
Request Chain 291
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za-hVQAQqK4_RwBH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za-hVQAQqK4_RwBH&_test=Za-hVQAQqK4_RwBH
Request Chain 292
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9762b539-d7c7-44db-90cc-9234b730d428&expiration=1737647707
Request Chain 301
  • https://ums.acuityplatform.com/tum?umid=27&uid=ICkbiPZHHeqaHvfySAOVZpoc&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=880325447675
Request Chain 302
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
Request Chain 303
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=DG2vwtTtrdBF-22vfB1M6YyOJdRe2UB_UQtW3H06gE8&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx
Request Chain 305
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRQJETK1-3-JHMR&gdpr=0
Request Chain 308
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 309
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Drkt%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3490269009335648000V10&type=rkt&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=969751697225496346
Request Chain 313
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dr1%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5939798741 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/7f918612-84ae-4d74-8302-b161ddf6a31e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dr1%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3DRX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=r1&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ5MDI2OTAwOTMzNTY0ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEP3l24FyULbtMzttCccuHiI&google_cver=1
Request Chain 315
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Ddxu%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=dxu&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=AqzA1y3t1Rsj715
Request Chain 316
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31be1049-9c01-4c85-8803-eb6651fa5faa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Request Chain 318
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=E9mh-UUThzA6rbkyGubs
Request Chain 319
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3490269009335648000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3490269009335648000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c0f4ca35-e5ee-4437-9a17-a464a63ced7b&cs=1
Request Chain 320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f918612-84ae-4d74-8302-b161ddf6a31e
Request Chain 323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LRQJETK1-3-JHMR HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRQJETK1-3-JHMR

347 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
canoe.com/puzzles/ 		107 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.147.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.147.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
b9a7027c013faa24de1f51e7eaa56d021193df23acaf81dc3e9fe064794d36d5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=180
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 15:54:51 GMT
expires
Tue, 23 Jan 2024 15:58:02 GMT
last-modified
Tue, 23 Jan 2024 15:53:14 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-84b7bb6c96-4pghz
x-pmd-cache
HIT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f10.1e100.net
Software
ESF /
Resource Hash
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:35:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 15:54:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
eaf4772ed048e578ae01ee712ce8c30b267a31ae659b1a5762904ee3af36911a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29658
x-xss-protection
0
server
cafe
etag
340 / 19745 / 31080610 / config-hash: 1061630321124036141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 15:54:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:12 GMT
content-encoding
gzip
via
1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront), 1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
41
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
WbFbeqJIMIj1pyCnn2YdhGC2ZIJfp8qOvAZ46lxISLBcwxkcZfefOQ==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		575 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.2.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-2-235.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
89ff09e3f01130048679d910a3e402117f9c6f12cbd41c219ade525946d1dad4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_Canoe_Web.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
162180
expires
Tue, 23 Jan 2024 19:25:53 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-120.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 06:37:19 GMT
Content-Encoding
gzip
Via
1.1 036a9c4a824b984cd31ef0e9e0ecd306.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
YUL62-C2
Age
33454
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
xZbFVSuwkHQMfj30-UoRCl3lTwqDhW1Dkv9kGnbrvnvZCUK6AhytYw==
output.e13822da2ca5.css
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/output.e13822da2ca5.css
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 08:34:08 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399608
age
372044
x-guploader-uploadid
ABPtcPoDzJ1g0HvQBi9lZL0Q92xZconJBu8YyzXV2Hwza0A5n_9e2vha4PDrPX3LFDR4Cdh6DDwzd80upQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2526
last-modified
Wed, 10 Jan 2024 18:00:57 GMT
server
UploadServer
etag
W/"e294df1b7807772797bf8455e49389d1"
vary
Accept-Encoding
x-goog-generation
1704909657471900
x-goog-hash
crc32c=7LFLRw==, md5=4pTfG3gHdyeXv4RV5JOJ0Q==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
29809
accept-ranges
none
output.8e879b749634.css
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/ 		89 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/css/output.8e879b749634.css
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
af7af603d012ddfd269d068e68a3e88dc56305a1ae53593d790d05eddebd0f69

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 10:28:37 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399607
age
19575
x-guploader-uploadid
ABPtcPoU5Qt93YdKgkOs_uQOmVkqenN905i2zIuUvtNFDYXmo_1asDjsAF748KdF5UuAZU5WjoI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14510
last-modified
Wed, 10 Jan 2024 18:00:55 GMT
server
UploadServer
etag
W/"ac6ad9315f1e219cb08bbdb029182a2e"
vary
Accept-Encoding
x-goog-generation
1704909655858026
x-goog-hash
crc32c=0sQuOw==, md5=rGrZMV8eIZywi72wKRgqLg==
access-control-allow-origin
*
content-type
text/css
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
91329
accept-ranges
none
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-7.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:52:42 GMT
content-encoding
gzip
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 21:44:22 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
131
x-amz-server-side-encryption
AES256
etag
W/"edee28fbd3a5c9f3c17e0333554b5646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
qPscFmY1rutkIq7WvlJPZYKVANMsm8W6LTOechsGsD7ZMQWmvPlLQQ==
fem.js
fem.gprod.postmedia.digital/v94.0/ 		380 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/fem.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d743899b78431bf5a679df7a9fdba7017229b49a8951a9c118f3556d8a6e632d

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 22:36:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704229360
age
667113
x-guploader-uploadid
ABPtcPrbbTi_5lRNjeM7s2_m59Ddw4p6b6uiP-xepO_QdWq6E72tRSOZBiMjuMDQDbSM5zpubLKHvnF2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109074
last-modified
Tue, 02 Jan 2024 21:03:43 GMT
server
UploadServer
etag
W/"789f7840bba8792f251d8242266af500"
vary
Accept-Encoding
x-goog-generation
1704229423211415
x-goog-hash
crc32c=ou3ihg==, md5=eJ94QLuoeS8lHYJCJmr1AA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
389551
accept-ranges
none
content-type
application/javascript
bootstrapper
tags.qortex.ai/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 16:46:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
171
etag
W/"122"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v6H3scXVVsmSyuafHhQcPdRUGgxixmAy%2BaPyPhDo8pLWyfMFVTjMBp5PUBM5JJrHC3zeFwoGMhJcHsQeUVycVafjHlep2fGPXTsnH5h4G%2B7fNYbDetVVhRK55xoZkl3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
84a137bc7ec65497-YYZ
embed.js
cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/ 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-109.ewr53.r.cloudfront.net
Software
openresty /
Resource Hash
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:52:29 GMT
content-encoding
gzip
via
1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
143
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-robots-tag
noindex, indexifembedded
content-length
22525
x-amz-cf-id
iD6bB4WLB5Ay_wU-h2b0CV7aOyDn_kwJmn1DGEWu_tr5cn7gz3hp3w==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.142.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YAAVN86AAWX48FMF
age
3823
alt-svc
h3=":443"; ma=86400
x-amz-id-2
q1RGEVUPBBhfGHIrr/UbdZogHTMCAMWvIqbzpEQCTOLCDBByw8PelfgAeC24k5AI5Hg+uQ5D9Ck=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBGb4dELWGlRhwSlnwjh6QcyEAumjZ3oL6FwnSgzdpq8MZN5S00UyyMgzWUQD%2FSOjrztmB6sZ3e2MWqIbmQWGCs8%2FzAAXpDP9YWwZCJaj%2F834Ye2DW3JA7c%2FvNfrslyI1Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
84a137bcba0d1a40-EWR
application-client.js
entertainment.service.amuniversal.com/assets/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-client.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
8d797b58dbbb90837bff92450e25c5a0fc90040116e51311437d9f2c4f03c94b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Nov 2020 18:20:09 GMT
ETag
"8d797b58dbbb90837bff92450e25c5a0fc90040116e51311437d9f2c4f03c94b"
Vary
Accept-Encoding
Content-Type
application/javascript
Status
200 OK
Cache-Control
public,max-age=600
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
7846
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 18b0fca4845f3542d7f0566683e26626.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
YUL62-C2
age
5111
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:23 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
84a137bb39a4369c-YYZ
x-amz-cf-id
0lTYlShJSRlVYIgHw_tmGm9TK9BQPZHf1s1QOFvTE84j4hT_P57c5Q==
expires
Tue, 23 Jan 2024 19:54:52 GMT
ms_auth_client.min.js
edge-auth.microsoft.com/js/ 		279 KB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-//+JTSXHp9HF2HqzkpzMX6lUFEjyN8Ens2GkEDEk5mAu8vugShwZR3s2HThn/ex2vs3/phZZxDlM2zYnu7NaMM5lucSTNqvcqKXz2axrS8OYaaepjlAtyOCO3eEbhpPgZD6E5W/I8uooDbii47K/YFMdIvXRmx753N5l5uLNpYU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-//+JTSXHp9HF2HqzkpzMX6lUFEjyN8Ens2GkEDEk5mAu8vugShwZR3s2HThn/ex2vs3/phZZxDlM2zYnu7NaMM5lucSTNqvcqKXz2axrS8OYaaepjlAtyOCO3eEbhpPgZD6E5W/I8uooDbii47K/YFMdIvXRmx753N5l5uLNpYU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Tue, 23 Jan 2024 15:54:51 GMT
last-modified
Mon, 01 Jan 1601 09:41:23 GMT
x-msedge-ref
Ref A: CF911F7608E74171BF985552D6E70167 Ref B: EWR311000103049 Ref C: 2024-01-23T15:54:52Z
etag
"5137e73888"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
285448
shared.2985cfdc4158.js
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
31bb647caffd6b5e814011355c22ad1cc15ca16e82a9bc64c887a3b1a3aa70b8

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:28:06 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399607
age
163606
x-guploader-uploadid
ABPtcPobVNALeqn0HDPeTaQwkMp8Z8WHlM4j-EKLHhnTsC2DntY3gjJNgpHC0DHpGKqkXFeBigLXMnSk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7519
last-modified
Wed, 10 Jan 2024 18:00:58 GMT
server
UploadServer
etag
W/"6bcf46784f0935bb863f38bf709e4fdb"
vary
Accept-Encoding
x-goog-generation
1704909658060703
x-goog-hash
crc32c=fzlbZA==, md5=a89GeE8JNbuGPzi/cJ5P2w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20870
accept-ranges
none
content-type
application/javascript
main.3e80addd74a4.js
dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/main.3e80addd74a4.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e80addd74a44579cc08ffc12989b8ab8dc136713c977c6da3aed5369b752409

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:28:06 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399607
age
163606
x-guploader-uploadid
ABPtcPquIV-XT21bPl40EPqNpTM_T-nrThq_9Go4dc-srgNptJetd7AUpX1gYvsvT32rcoxJ8q7D4yp7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46375
last-modified
Wed, 10 Jan 2024 18:00:58 GMT
server
UploadServer
etag
W/"d318024817c13557c3e306ab5bfd41ce"
vary
Accept-Encoding
x-goog-generation
1704909658042897
x-goog-hash
crc32c=3rdnxA==, md5=0xgCSBfBNVfD4warW/1Bzg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
136803
accept-ranges
none
content-type
application/javascript
geo.json
cdn.jwplayer.com/v2/ 		40 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/geo.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-109.ewr53.r.cloudfront.net
Software
/
Resource Hash
ad32d3c936d1030661f1c8f55b25db870167fc7c02134fd7e9dbe1d31029fb41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:53:12 GMT
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
age
100
x-amz-cf-id
Rn2oKKTefYCKptASp9yvaFVESRw-jyoP_eYViPpQG8-sl-JpMUSXeA==
x-cache
Hit from cloudfront
index.js
ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/services/jwpsrv/v/4/index.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/v2/sites/ReDAXyY4/placements/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
via
1.1 varnish
age
2707
x-cache
HIT
content-length
20535
x-served-by
cache-yyz4562-YYZ
last-modified
Wed, 13 Dec 2023 06:00:18 GMT
server
AmazonS3
x-timer
S1706025292.244447,VS0,VE0
etag
"1d1853b5560baf12b94fc6c5f4860bd2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
229
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/10276888/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Server
13.35.93.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-67.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 13:02:36 GMT
content-encoding
gzip
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
10337
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
a8fV-43gksaj1cBqbw-Sjk09gz4D-WpXGShRDdgvkX2C4AfL72wJGQ==

Redirect headers

date
Tue, 23 Jan 2024 15:54:52 GMT
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
V51lm0JHzZk4n9BiUW-pZi35oqv7_blQNIUI0mBwgv_keaiCjWbLZw==
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		467 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ad8774812be6d5ba993fc09a10b2d4daf6bbf2c4290447e0835dc3c31069ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPqVn26H1UAUVSw7_zFxqM-6jr8nNDocXqnW_Jii-PurWCokvCVsgZIM95ufzGHuOZ9cWmrRr0bfsg__Bl8
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
118427
last-modified
Wed, 17 Jan 2024 15:11:27 GMT
server
cloudflare
etag
"9104f04147eda21881493bab30a75d3b"
vary
Accept-Encoding
x-goog-generation
1705504287868628
content-type
application/javascript
x-goog-hash
crc32c=zZ2+ww==, md5=kQTwQUftohiBSTurMKddOw==
cache-control
public, max-age=900
x-goog-stored-content-length
118427
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a137bcb9f336cb-YYZ
expires
Tue, 23 Jan 2024 16:09:52 GMT
index
entertainment.service.amuniversal.com/ Frame EBFC 		48 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/application-client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
5d6a8530a31773fd2af9ff271927f136fd4f13b8ddb1613d75c5852ec99b8482
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7438
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 15:54:52 GMT
ETag
W/"5d6a8530a31773fd2af9ff271927f136-gzip"
Keep-Alive
timeout=5, max=98
Status
200 OK
Vary
Accept-Encoding
X-Frame-Options
ALLOWALL
X-Request-Id
59f7d2d7-18b6-4fe1-b642-3c6c2bf19548
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
22266
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
5355839101460123655
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 22 Jan 2025 09:43:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 04:14:19 GMT
x-content-type-options
nosniff
age
560433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 04:14:19 GMT
PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 04:12:26 GMT
x-content-type-options
nosniff
age
560546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18860
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:03:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 04:12:26 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
fonts.gstatic.com/s/heebo/v22/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v22/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EbiusdUmm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:28:51 GMT
x-content-type-options
nosniff
age
354361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11076
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:28:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:700%7CMartel:400,700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 16:28:27 GMT
x-content-type-options
nosniff
age
602785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 16:28:27 GMT
3528
config.aps.amazon-adsystem.com/configs/ 		532 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3528
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-124.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
b9df090a780c244b84fa12207ec5a14280b6a14393729f2a0561ac183fe05b43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:42:11 GMT
via
1.1 9b4f2014232c90b3056e1fb1e00215fc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
761
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
vxQdW8Lm0mi-e5wEhZXSswJ63IJrCmvajo9pMvXD5ZP_SKTTg85hoA==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fcanoe.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
55e2dcc70dcb2cd2dd134dcbfc9ea460d3dce79a667191d9618bb708f9619c63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:35:02 GMT
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
age
15589
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1112
x-amz-cf-id
ShYbEqOWNlTdh0kbwuGu9a2IHenu-pjJNgUhpErlYjlgK5OLms0UYw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:11:38 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 79c0ea1b8525955caa2a98e094ca20ec.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
85395
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
HdgEwgE_nEb2toNc0Spk5F9PWYwjBORClind2tmC44uVZ61-2pZ_uQ==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		82 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.2.235 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-2-235.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
34fb702bca2091bfa8e6524fce26c7dc195250859b6ee4b48ddeac91df31b040

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 14:40:31 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6819
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240123
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1140c2d2f752a7f86e08b5880a1d1742b21da4154af6910c30b644f75d62deaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Jan 2024 15:54:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
42842
x-jsd-version
1.0.1943
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
806
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
etag
W/"635-RUeA9OhcTGzJJ7AJIo108ERPmfU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.1.200.228 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-1-200-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 23 Jan 2024 16:09:52 GMT
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
503369
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84a137d0eb213a00-YYZ
expires
Fri, 26 Jan 2024 15:54:55 GMT
player-event
events.qortex.ai/api/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.qortex.ai/api/v1/player-event
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zauj%2Fr3vo%2FiX5K1DEW4CN51aSXlt0La2z7IQuEy5WqDrsWWwMoHozYEOn7xoAYVpjQ3HUx%2BSztfaMJWHHUO2Oo8uBjl95fA2jw7u7MtLkJ6DoALgeXun9X7b%2BcILNapYdxY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
84a137bdb8e439d5-YYZ
content-length
0
cx-bootstrapper-init
tags.qortex.ai/cxo/ 		49 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.qortex.ai/cxo/cx-bootstrapper-init
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 16:46:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110
etag
W/"122"
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y77ZfrfsgN9gHvxCD%2BS%2BtcZCeNrd6HKRIhWa1H0pG33cZ1gdDH3oFv6scfUwgw0TENCmAVmHEXxuvAOHUv3AlEo8PN9kSG9drAMrKcaEsJhFkpujKRQJGT9luAmDOUZN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
84a137bd4fd55497-YYZ
init-3392tkd9ir9ggbv3f0mu.js
api.fouanalytics.com/api/ 		0
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-3392tkd9ir9ggbv3f0mu.js
Requested by
Host: tags.qortex.ai
URL: https://tags.qortex.ai/bootstrapper?group-id=VOasUCJt3E6ILpo1BnYrpw&video-container=.jw-wrapper&continuous-load=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.97.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEEVzM9z%2BeTZvha59tgEIEmOgOqiVyy%2FmVVYQDDPT8n6YFsp4dyAR7nw%2BqlIaJzSHHHcRs%2F6eVPvGva%2FUkVUEOvsLTuTdD7Z8rbSHTnPPSFNS%2Fkych7Gygxa%2BuCBM32cEuq4kElTHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
84a137c47c718c7e-EWR
alt-svc
h3=":443"; ma=86400
expires
0
noscript-3392tkd9ir9ggbv3f0mu.gif
api.fouanalytics.com/api/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.fouanalytics.com/api/noscript-3392tkd9ir9ggbv3f0mu.gif
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.97.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gdnywRQkdbbi14urihab9CFyObV0%2FEFAr5cP6070UCIylqUk7lx7HBTcKGSXO4cpBQ%2FCZ2cVlMVMW2uyEywDAf44eD%2BK7llobCFTDt%2F3RPsQJ65Tx62GG7G6xh7OJEmADz2JRg83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
84a137c47c6f8c7e-EWR
alt-svc
h3=":443"; ma=86400
expires
0
xd.html
fem.gprod.postmedia.digital/v94.0/ Frame 541A 		165 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
08a6364cc8a5ea74bba1d5286957fc821d303eacb1608e08537f0306f354bafa

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1121322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Wed, 10 Jan 2024 16:26:10 GMT
etag
"5401749c174d17b1ae1237ec1b921d9c"
last-modified
Tue, 02 Jan 2024 21:03:45 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1704229425265892
x-goog-hash
crc32c=BuyMXg== md5=VAF0nBdNF7GuEjfsG5IdnA==
x-goog-meta-goog-reserved-file-mtime
1704229360
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ABPtcPo-ds_qUWGWwUb8u5WcoaK_wTE09qpof8pc1VK6SPZSqoaMYJIn-9Ei49L-QUdfxC7kQ3Fp0SbaRHtGNuOgUYEiFTNX3Pro
icon-soc-fb.svg
dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/ 		775 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/icon-soc-fb.svg
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:17:12 GMT
x-goog-meta-goog-reserved-file-mtime
1704399610
age
1114660
x-guploader-uploadid
ABPtcPqxuBRAVwv6hXSHy9wrgLbOV462sq1UFv1hLOraaE65Ll6X3NHw-Amyew2SD6e5vVl4JfC6HzVzQi7s5XsWPiWuQw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
775
last-modified
Wed, 10 Jan 2024 18:01:38 GMT
server
UploadServer
etag
"993353c51244defcc16154eac23ff88d"
x-goog-generation
1704909698838210
x-goog-hash
crc32c=Z/aKUg==, md5=mTNTxRJE3vzBYVTqwj/4jQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
775
accept-ranges
bytes
icon-soc-tw-white.svg
dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/ 		575 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/images/share-icons/icon-soc-tw-white.svg
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9e163e69a01d2ce1e0c682f1a658dfcda7ea0ce2fd370d697a4a9285c86ef6eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 06:44:19 GMT
x-goog-meta-goog-reserved-file-mtime
1704399610
age
897033
x-guploader-uploadid
ABPtcPqhqbZfwEJZ1BJRxlcE71PoG22luxb37ax_82XHtI3W4EUUyN04p4K9SnPtgdgls78PW94
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
575
last-modified
Wed, 10 Jan 2024 18:01:38 GMT
server
UploadServer
etag
"962f9e913be056fe4b2f24db6048e72f"
x-goog-generation
1704909698997233
x-goog-hash
crc32c=Lzt2WA==, md5=li+ekTvgVv5LLyTbYEjnLw==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
575
accept-ranges
bytes
1193ab1b423b6539df7b4.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/1193ab1b423b6539df7b4.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3f7c2b147316b3286f816d1d85c0d2c539ce8be5b6b851443f5bc0c6274a03f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:14:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399608
age
1114833
x-guploader-uploadid
ABPtcPpro6wf3dAr7fUYcV6xWTF2zeynS8Gk2hMUba7qvkJQOCezQ9w9vpRuaxuXDjuEaLgkpA_1nS2KdIYWvfjWkdxF7g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4391
last-modified
Wed, 10 Jan 2024 18:01:40 GMT
server
UploadServer
etag
W/"b7125612c91b8bc7d44febc13c01cee2"
vary
Accept-Encoding
x-goog-generation
1704909700590282
x-goog-hash
crc32c=ylNeow==, md5=txJWEskbi8fUT+vBPAHO4g==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
15526
accept-ranges
none
a22185a71907d8927c8537.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		224 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/a22185a71907d8927c8537.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:14:19 GMT
x-goog-meta-goog-reserved-file-mtime
1704399609
age
1114833
x-guploader-uploadid
ABPtcPogg5djoDjyW9ObJ3DDQup-jJcB-H62fdjMCPjwSa4uNwKeAah-HOSVGPDgUJFwINu31No
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
last-modified
Wed, 10 Jan 2024 18:01:43 GMT
server
UploadServer
etag
"4ee0e989a064cf6630bf9ebee4879191"
x-goog-generation
1704909703373459
x-goog-hash
crc32c=jUJANA==, md5=TuDpiaBkz2Ywv56+5IeRkQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
224
accept-ranges
bytes
7380f428297495c9787e0.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/7380f428297495c9787e0.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:14:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399609
age
1114833
x-guploader-uploadid
ABPtcPq470R8GeMPM1zl6U7jBKwipLxM-ogKI-hULusizmJbXRuWzeAy3SNH57HN7xPDXeWsKmw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2827
last-modified
Wed, 10 Jan 2024 18:01:43 GMT
server
UploadServer
etag
W/"16a345a6eb36c4391df09d45582d99e7"
vary
Accept-Encoding
x-goog-generation
1704909703139777
x-goog-hash
crc32c=eCv7Ug==, md5=FqNFpus2xDkd8J1FWC2Z5w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
4f4d1628a8065ccff16624.js
dcs-static.gprod.postmedia.digital/15.2.1/websites/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/15.2.1/websites/js/4f4d1628a8065ccff16624.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/15.2.1/CACHE/js/shared.2985cfdc4158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 18:14:19 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704399609
age
1114833
x-guploader-uploadid
ABPtcPrkmcaQnfdeAhAJtU_8zt3xLtDRPErPmIFQn5_ZFEU6rLrvWDg1W9MKv40f16pX1o8kOqKbEHaiBg7a5MzPiXRpFA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2083
last-modified
Wed, 10 Jan 2024 18:01:42 GMT
server
UploadServer
etag
W/"c6326d88acc6beb06cf9db5fffaee6c6"
vary
Accept-Encoding
x-goog-generation
1704909702545418
x-goog-hash
crc32c=hqW8ug==, md5=xjJtiKzGvrBs+dtf/67mxg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6047
accept-ranges
none
pub
pixel.adsafeprotected.com/services/ 		567 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.90,970.90,728.90%5D,p:/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index,t:display%7D&slot=%7Bid:ad-rr1,ss:%5B300.250,300.600,300.1050%5D,p:/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a4c103fe-b97d-5a96-eef0-59e4a69bb1cc&url=https%253A%252F%252Fcanoe.com%252Fpuzzles%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.72.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-72-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
90d0c3437087783c862c38b4c19910799ae3b0fb65789c7e443e5a36f977b73e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
server
nginx
x-server-name
app72.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		189 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&pid=JvxGFGaLAYb5T&cb=0&ws=1600x1200&v=24.116.2102&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x90%22%2C%22970x90%22%2C%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22ad-rr1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.212.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-212-32.yul62.r.cloudfront.net
Software
Server /
Resource Hash
a8277b69a2582f48ef7806fff1bffd21c0189ff23106b6a459ab3125aad73996

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
via
1.1 32ea9b2b7eaaba833294021989c78c08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
189
x-amz-cf-id
S6qXTzvf67izROukvuB3kO_h1kYFTMiGQ982qwd5F8ggJAopmBUjNQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 15:54:54 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:32:33 GMT
content-encoding
gzip
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
4956
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
v8QDIJcYgcQv2ysDX9AO7NPSbbasZUHskPn7Sdwu6uAwgIA1Bm6mMA==
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
503370
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84a137d0eb233a00-YYZ
expires
Fri, 26 Jan 2024 15:54:55 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Jan 2024 15:54:52 GMT
x-content-type-options
nosniff
content-encoding
br
age
29607
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4526-YYZ
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:08 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
54ff265e754dcf39ed799591e6c1b254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 02:15:51 GMT
content-encoding
gzip
age
1172357
x-guploader-uploadid
ABPtcPpu7wC6ouaYbu8xfBkFfeFjIzRIxkDigAAT2bfsJrQpd7GTbO684qLPYF0AaOvvj3f9SD3ujqZQpkbC405Iv0MSKotPw7LU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 09 Jan 2025 02:15:51 GMT
application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
entertainment.service.amuniversal.com/assets/ Frame EBFC 		256 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
b260521dc91bb9be40d0cb9e8ae37b39c94703b68d7d29cbcd5aad0922665a83

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Feb 2022 22:25:13 GMT
ETag
"3fed0-5d82a1f8b4440-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
33843
theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
entertainment.service.amuniversal.com/assets/ Frame EBFC 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
c62298477bd42f1c46d68b84e392835c73934351c1575fc42e913a5ea0500e42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Nov 2020 18:28:00 GMT
ETag
"cec4-5b5572b7dcc00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8026
application-uu-2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d.js
entertainment.service.amuniversal.com/assets/ Frame EBFC 		226 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-uu-2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d.js
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 21:28:00 GMT
ETag
"389ed-60c429bb57800-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwfcx/ Frame EBFC 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwfcx/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4e68ac0015808af69b71d59431594ddf3ff4f02a3cd18a96e3304fa29ae5d4dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Via
1.1 hx171:7 (W), 1.1 PSmgnyNY3mh45:17 (W)
Last-Modified
Thu, 14 May 2015 15:52:46 GMT
Server
PWS/8.3.1.0.8
Age
571513
ETag
"281a5-5160cb802f39b"
X-Ws-Request-Id
65afe14c_PSmgnyNY3mk42_13810-38680
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mh45JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164261
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwsudoc/ Frame EBFC 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwsudoc/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
baaecda7950dc6861f7af443ce361e6b1d57098faabff2d3940083e602f81980

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Via
1.1 PS-DFW-01ItT28:1 (W), 1.1 PSmgnyNY3aa36:8 (W)
Last-Modified
Thu, 14 May 2015 16:09:36 GMT
Server
PWS/8.3.1.0.8
Age
571513
ETag
"2a38a-5160cf43d3b3e"
X-Ws-Request-Id
65afe14c_PSmgnyNY3mk42_13810-38675
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3aa36JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
172938
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwjum/ Frame EBFC 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwjum/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e063cbc5a59613d0f25d3d16fe7e4a5a9369a3a20e9cecf321a8dca35167b2b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 hx172:3 (W), 1.1 PSmgnyNY3vz41:21 (W)
Last-Modified
Thu, 14 May 2015 15:56:01 GMT
Server
PWS/8.3.1.0.8
Age
405559
ETag
"203a1-5160cc3a1aeef"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38712
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3vz41JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
132001
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwudw/ Frame EBFC 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwudw/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ea8f014d424f84c2708303d930ca216c61304aaa7bc4e64e04d5f43d5731444e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-IAD-01v1h233:7 (W), 1.1 PSmgnyNY3mk42:16 (W)
Last-Modified
Thu, 14 May 2015 15:55:40 GMT
Server
PWS/8.3.1.0.8
Age
386296
ETag
"13801-5160cc25f966b"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38715
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79873
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwps/ Frame EBFC 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwps/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
10e818cfd743cbe48191a4032bce71298af986268b0f1fb0f8f67a3421cd9989

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 hx172:9 (W), 1.1 PSmgnyNY3mh45:17 (W)
Last-Modified
Wed, 10 Aug 2016 14:12:42 GMT
Server
PWS/8.3.1.0.8
Age
571292
ETag
"2d7f8-539b83e218b79"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38716
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mh45JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
186360
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwfs/ Frame EBFC 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwfs/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
98d87dbd0b05bdf5285815e9b767af29c342f14b47d00a5f9d33310e3514ab49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PSmglsjLAX2ay162:10 (W), 1.1 PSmgnyNY3mk42:11 (W)
Last-Modified
Tue, 21 Mar 2017 20:49:42 GMT
Server
PWS/8.3.1.0.8
Age
405558
ETag
"22eb2-54b43c882d79c"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38718
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143026
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwsqk/ Frame EBFC 		171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwsqk/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
75f058a275fb2db8a66198c8c0a18e307985a248f5c8f12e03d25255665710a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PSmglsjLAX2ay162:4 (W), 1.1 PSmgnyNY3mh45:4 (W)
Last-Modified
Tue, 21 Mar 2017 20:53:49 GMT
Server
PWS/8.3.1.0.8
Age
405558
ETag
"2acdd-54b43d7419d35"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38720
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mh45JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
175325
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwsqp/ Frame EBFC 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwsqp/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
cb0d917a65f17b9ee9593d9e3921a3d37a4b94921c7fcfc06e8329ddb9089690

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-DFW-01aXu27:5 (W), 1.1 PSmgnyNY3xb43:1 (W)
Last-Modified
Wed, 10 Aug 2016 14:25:20 GMT
Server
PWS/8.3.1.0.8
Age
405558
ETag
"33921-539b86b487bf7"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38691
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xb43JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
211233
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwdc/ Frame EBFC 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwdc/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
676692567f126a1321ba018fdf5d5994d9e62298ca701ecaf432b8bb696310d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Via
1.1 hx172:8 (W), 1.1 PSmgnyNY3xb43:9 (W)
Last-Modified
Tue, 21 Mar 2017 20:36:38 GMT
Server
PWS/8.3.1.0.8
Age
405558
ETag
"1f9e1-54b4399c5e72d"
X-Ws-Request-Id
65afe14c_PSmgnyNY3mk42_13810-38686
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xb43JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
129505
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwbtq/ Frame EBFC 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwbtq/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
caa14fc1cc6385ace6f22b30e3d64c7aeb3ebe15f4e42aff5c5badfb81fc8cca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-IAD-01v1h233:9 (W), 1.1 PSmgnyNY3xb43:0 (W)
Last-Modified
Wed, 10 Aug 2016 14:03:58 GMT
Server
PWS/8.3.1.0.8
Age
11663
ETag
"2f171-539b81edd21ad"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38697
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xb43JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
192881
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwjq/ Frame EBFC 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwjq/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
5ac5a8239722a227c64ea9eff7889359f985d60db0f38766a47e159856bb62f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PSmglsjLAX2ay162:6 (W), 1.1 PSmgnyNY3xb43:21 (W)
Last-Modified
Tue, 21 Mar 2017 20:51:52 GMT
Server
PWS/8.3.1.0.8
Age
405558
ETag
"32728-54b43d03c7fbc"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38693
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xb43JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
206632
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwmjq/ Frame EBFC 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwmjq/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6d8a95865dcb3e61f0864905400978ea023346683fdaaab5742adc81f7b03c3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-MIA-010Xa26:1 (W), 1.1 PSmgnyNY3aa36:5 (W)
Last-Modified
Tue, 21 Mar 2017 20:52:35 GMT
Server
PWS/8.3.1.0.8
Age
405558
ETag
"2bfe7-54b43d2d8293a"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38695
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3aa36JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180199
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwmm/ Frame EBFC 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwmm/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
53c4cb755798eca54dbf247c0a96d46dd958da8ed9bac079c299085f40d8b41a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 hx171:10 (W), 1.1 PSmgnyNY3mh45:4 (W)
Last-Modified
Tue, 09 Aug 2016 16:26:16 GMT
Server
PWS/8.3.1.0.8
Age
11785
ETag
"30683-539a5fdf96929"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38704
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mh45JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198275
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwds/ Frame EBFC 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwds/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e694738a888a81dfc7ba1b2be39b08da3c8cf50a86dec25c7388b03d9ff51798

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-DFW-01aXu27:6 (W), 1.1 PSmgnyNY3xb43:20 (W)
Last-Modified
Wed, 15 Mar 2017 23:40:41 GMT
Server
PWS/8.3.1.0.8
Age
11870
ETag
"20185-54acd78ed051d"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38708
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xb43JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
131461
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwken/ Frame EBFC 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwken/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
795db5bfa7e44fdc0e4c148cace3e419e509080e5e8cd012f3b40541a72126a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-DFW-01ItT28:12 (W), 1.1 PSmgnyNY3mh45:2 (W)
Last-Modified
Thu, 14 May 2015 15:56:39 GMT
Server
PWS/8.3.1.0.8
Age
405559
ETag
"1b643-5160cc5eb85db"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38700
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mh45JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112195
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwdd/ Frame EBFC 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwdd/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1a7d3eb569755680705ab58c29b11a63128ed10e00ab46d95a8c21eb09615cbc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 hx171:8 (W), 1.1 PSmgnyNY3xb43:9 (W)
Last-Modified
Tue, 21 Mar 2017 20:38:35 GMT
Server
PWS/8.3.1.0.8
Age
405429
ETag
"26138-54b43a0bfaa69"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38721
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xb43JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155960
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwhod/ Frame EBFC 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwhod/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ca12e73281c4808c3140fa8b912864c7e7243511d33bae503985c541be5f6dcb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-DFW-01ItT28:12 (W), 1.1 PSmgnyNY3mk42:18 (W)
Last-Modified
Tue, 21 Mar 2017 20:51:03 GMT
Server
PWS/8.3.1.0.8
Age
405429
ETag
"29907-54b43cd5e9d27"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38733
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
170247
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwjd/ Frame EBFC 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwjd/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
d25bb8ce326147d2acfdd5b129123bd4d31b8677ce4b63fe610360bd268cfb27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-MIA-01gqi24:3 (W), 1.1 PSmgnyNY3mh45:7 (W)
Last-Modified
Tue, 21 Mar 2017 20:41:37 GMT
Server
PWS/8.3.1.0.8
Age
571512
ETag
"2c18f-54b43ab9518d4"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38736
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3mh45JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180623
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwstdd/ Frame EBFC 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwstdd/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
24b3a7ad7a59827d0c649df99aadd395e939cd0669630d65caf1bfb187f2cb74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:54 GMT
Via
1.1 PS-DFW-01aXu27:3 (W), 1.1 PSmgnyNY3xg48:14 (W)
Last-Modified
Thu, 10 Nov 2016 14:54:49 GMT
Server
PWS/8.3.1.0.8
Age
11786
ETag
"2ff2a-540f38e25089d"
X-Ws-Request-Id
65afe14e_PSmgnyNY3mk42_13810-38741
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xg48JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
196394
mid_avatar.png
avatar.amuniversal.com/feature_avatars/avatars_large/features/iwwr/ Frame EBFC 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/avatars_large/features/iwwr/mid_avatar.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ed5c431fb99a10c6b50d52cdeeabab3eea3147cd7569db5de74194285fb00690

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:54 GMT
Via
1.1 hx171:4 (W), 1.1 PSmgnyNY3aa36:4 (W)
Last-Modified
Thu, 14 May 2015 15:54:57 GMT
Server
PWS/8.3.1.0.8
Age
405431
ETag
"18874-5160cbfdd49c7"
X-Ws-Request-Id
65afe14e_PSmgnyNY3mk42_13810-38745
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3aa36JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100468
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/da/ Frame EBFC 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/da/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
68834f66060897ebf03e663ab5d56027ed4e97a39a8a050d78ab67bbe5331ed8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:53 GMT
Via
1.1 PS-IAD-01v1h233:4 (W), 1.1 PSmgnyNY3aa36:4 (W)
Last-Modified
Thu, 28 Jan 2016 21:51:50 GMT
Server
PWS/8.3.1.0.8
Age
536663
ETag
"113b8-52a6bed13c329"
X-Ws-Request-Id
65afe14d_PSmgnyNY3mk42_13810-38707
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3aa36JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70584
small_hero.png
avatar.amuniversal.com/feature_avatars/hero_images/features/man/ Frame EBFC 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatar.amuniversal.com/feature_avatars/hero_images/features/man/small_hero.png
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.185.170.144 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
d7617ea944679142c5bbf19a0d868f2ca0f2488768ab7f99ed0aaf1636be58eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Via
1.1 PS-DFW-01aXu27:14 (W), 1.1 PSmgnyNY3xg48:5 (W)
Last-Modified
Mon, 01 Feb 2016 19:38:39 GMT
Server
PWS/8.3.1.0.8
Age
530565
ETag
"185f6-52aba8824932b"
X-Ws-Request-Id
65afe14c_PSmgnyNY3mk42_13810-38685
Content-Type
image/png
Cache-Control
max-age=604800
X-Px
ht PSmgnyNY3xg48JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99830
application-uu-postload-864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993.js
entertainment.service.amuniversal.com/assets/ Frame EBFC 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/application-uu-postload-864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993.js
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 21:28:00 GMT
ETag
"41a-60c429bb57800-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
520
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706025292504&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&c8=Puzzles%20and%20Games%20%7C%20C...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706025292504&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&c8=Puzzles%20and%20Games%20%7C%20...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706025292504&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Server
13.35.93.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-67.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
X4kviDFapzwLab3mD0OVU0Fetf4q6mdoRm7gtNZvNACjMQBMTifTIQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 23 Jan 2024 15:54:52 GMT
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=10276888&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1706025292504&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&c8=Puzzles%20and%20Games%20%7C%20Canoe.Com&c9=
content-length
0
x-amz-cf-id
tZjjIaIa3UJ7ztxxPPixUQgAEIWRDWJJum8e1eXglQTc4ssT7fKSHw==
xd.js
fem.gprod.postmedia.digital/v94.0/ Frame 541A 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2d91504858b1adf23a9a4605b6a1ba64a5c8358d22bd070b521d6d3624e4ddd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fem.gprod.postmedia.digital/v94.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:26:10 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704229360
age
1121322
x-guploader-uploadid
ABPtcPqfW7itvOVwi740vyMJwqrOM4vdsvNz-W8JQZWVqdKg5MJwMixmOVpgkHp-POdVjNcwKVd7tTk-B7EU1c7f7nWyLBe95pcF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21170
last-modified
Tue, 02 Jan 2024 21:03:45 GMT
server
UploadServer
etag
W/"6587ec1d632745722a6cbdda763c7c55"
vary
Accept-Encoding
x-goog-generation
1704229425299926
x-goog-hash
crc32c=6uqRIw==, md5=ZYfsHWMnRXIqbL3adjx8VQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
68978
accept-ranges
none
gtm.js
www.googletagmanager.com/ Frame EBFC 		181 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TGGXGGJD
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/index?client_code=107103P&sub_id=6655&encrypted_url=U2FsdGVkX1%2BtH0xltPYIcFH7CLqadxvIZ2HHFDSnHWQyJxfaywmGoTETjStNjIEW%0A&embed_type=puzzle&template_type=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2bb9644bec25e7946e993c4bded8215f74452c1ab31249abd1716608a4299193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65465
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:53 GMT
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0fe7bdc0165328e62bba4b1c7f4b6f901256dfb0b846b9a2eb5ca6c77c333ac6

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:52 GMT
an-x-request-uuid
9f3891ab-0939-4cf0-b0c2-09570a371360
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.140; 62.3.36.140; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
88e6db37-0569-4fcd-bc76-07a9dde9449a
https://canoe.com/ 		160 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://canoe.com/88e6db37-0569-4fcd-bc76-07a9dde9449a
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81b2404aa38c79fe36d258e34f049b0882b90586d653886a8e44d53da3084124

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
164119
Content-Type
7e3ffe29-9d23-4f31-a5ea-f3021a6e6342
https://canoe.com/ 		160 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://canoe.com/7e3ffe29-9d23-4f31-a5ea-f3021a6e6342
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81b2404aa38c79fe36d258e34f049b0882b90586d653886a8e44d53da3084124

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
164119
Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		668 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596732&size_id=2%3B15%3B15&alt_size_ids=55%3B10%3B2%2C55%2C57&eid_pubcid.org=b704dcc8-5f0e-491f-aa6a-7ed14c8d5d10%5E1&rf=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&tg_i.domain=canoe.com&tg_i.page=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&tg_i.aupname=%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife&tg_i.pbadslot=%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-rr1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-2&tk_flint=dmpbjs_v8.23.0&x_source.tid=0b30e918-b99b-444c-a49f-2160a71d4ef2&l_pb_bid_id=2d66367e6e91df%3B3b59b720b7621e%3B4c5971b4cde7ee&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=aaf2e552-5717-490b-807f-3306762329c6%3B79f74cd8-ff12-4364-977e-c1bdd6124cb5%3Bc5526fe1-f1c6-41cd-b0e2-84d008e4b3e3&rp_hard_floor=0.25&rp_maxbids=1&p_gpid=%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-rr1%3B%2F3081%2FSMCO_CPTL_CAN_EN_WEB%2Flife%2Fdiversions%2Fpuzzles%2Findex%23ad-2&slots=3&rand=0.36321162684711594
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8e24c511919edd980d038922ee75824a1f22744cba776522582f783d096de205

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
188 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=42256644736&lsavail=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://canoe.com
date
Tue, 23 Jan 2024 15:54:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		377 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a1f8f93782990047be22637ecb7ce3d70c1d21f3d51eb6281b8a143480f6ac7c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:52 GMT
an-x-request-uuid
7237baee-0a88-4ca6-a336-1c08a78628e3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
62.3.36.140; 62.3.36.140; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
377
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		0
0
bid
ap.lijit.com/rtb/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
bidRequest
c2shb.pubgw.yahoo.com/ 		0
0
v1
btlr.sharethrough.com/universal/ 		528 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
39cabe05090809af9c4724beac26627c05a535d176f937294c8397970c44b8fd

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
347
v1
btlr.sharethrough.com/universal/ 		662 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.235.214.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-214-237.compute-1.amazonaws.com
Software
/
Resource Hash
ed7a20f27a956c2a573a6ae57e1661f01845d0ac9ef47a1a5b3bd912f89a818f

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
392
pbjs
htlb.casalemedia.com/openrtb/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUKB9454
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
1d023b0c47cf8aa344819e1eac27eaf2c5d0a135e53d00575590510b66b1b6f5

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 15:54:53 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://canoe.com
date
Tue, 23 Jan 2024 15:54:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
geoip
api.permutive.com/v2.0/ 		271 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
115c8f8f8704f0a12c47f478200552a56fef3d60efec25acbfcd3d2972901027

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
watson
api.permutive.com/v2.0/ 		390 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4ce08de85bbd18152308e95bb8f79035e6198250b775bf52a4cd74b8c88480b0

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		73 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.119.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea622897ff5ed212a80d8a559c08cd8c82b26c15f0fb2e69295f632d62366c9

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:52 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ABPtcPon06xM_-4GsTV-KsxbUbLA6oo-JazFMwC3GyteQ7RwgXeBK0xdvIUsNEyN11QmLJ197PZv2n1GOK1Eg3BO0O6nug
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
50516
last-modified
Wed, 10 Jan 2024 06:02:27 GMT
server
cloudflare
etag
"ae8391b4074ab9d0e0e7bced5b50b924"
vary
Accept-Encoding
x-goog-generation
1704866547991524
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=t7Zhag==, md5=roORtAdKudDg57ztW1C5JA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
50516
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84a137c00c7639fa-YYZ
expires
Tue, 23 Jan 2024 15:24:50 GMT
iu3
s.amazon-adsystem.com/ Frame 330F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
318 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
859a68d1c7b4ff51622aae539e55da3c453f6d2f26b279ee5eaa2a6850724ade
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
318
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 23 Jan 2024 15:54:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QDVX38QR9ZXSKSS6YEKC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 15:54:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZJ4TQMBKGW2WXZ3HEN9J
raleway-medium-webfont-e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572.woff2
entertainment.service.amuniversal.com/assets/ Frame EBFC 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/raleway-medium-webfont-e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572.woff2
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572

Request headers

Referer
https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Origin
https://entertainment.service.amuniversal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Last-Modified
Mon, 30 Nov 2020 18:20:09 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"5ad8-5b5570f6ae840"
Content-Length
23256
Keep-Alive
timeout=5, max=94
raleway-light-webfont-5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c.woff2
entertainment.service.amuniversal.com/assets/ Frame EBFC 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/raleway-light-webfont-5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c.woff2
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c

Request headers

Referer
https://entertainment.service.amuniversal.com/assets/application-uu-79b8bc5284ce122857feca100bbb6d6ed8c6b96bb7942a276e418e30a466f74c.css
Origin
https://entertainment.service.amuniversal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Last-Modified
Mon, 30 Nov 2020 18:20:09 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"5b68-5b5570f6ae840"
Content-Length
23400
Keep-Alive
timeout=5, max=97
fontawesome-webfont-199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1.woff
entertainment.service.amuniversal.com/assets/font-awesome/ Frame EBFC 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://entertainment.service.amuniversal.com/assets/font-awesome/fontawesome-webfont-199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1.woff
Requested by
Host: entertainment.service.amuniversal.com
URL: https://entertainment.service.amuniversal.com/assets/theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
66.6.101.151 Lavaca, United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
/
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://entertainment.service.amuniversal.com/assets/theme-plugins-f1fc7fe6169405625fd46a53184cbfae4e50f0dd9923ee73abba444a738a4b4a.css
Origin
https://entertainment.service.amuniversal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:52 GMT
Last-Modified
Mon, 30 Nov 2020 18:28:00 GMT
ETag
"ffac-5b5572b7dcc00"
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
65452
segment
api.permutive.com/adv/v2/ 		44 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
56270e9e004db8efacc195a58790c8d397f757832b0f40a48e825d8f0fe7712f

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:54:53 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
content-type
application/json
js
www.googletagmanager.com/gtag/ Frame EBFC 		294 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D62HWTQP6Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGGXGGJD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
003697687a91a4c94c45dcd9a5682f23415a371147b7519a14742778de4e1ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://entertainment.service.amuniversal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97721
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 15:54:53 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8de66b2537c74eb840dde0edb77576dbf6b06bc4d64df5d89819ec9290a7bbdc

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0e46ee4a6e1b3ba80a47d37a1f99e557789870e48f0fcd4a8b6b3d8092620b09

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
pr
s.amazon-adsystem.com/v3/ Frame A287 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
335ef37710542935e01c9b9a594d6af7a7cfab349a9ad70b70d221a69f7e4163
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2008
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 23 Jan 2024 15:54:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2B2T79H9E1V6HQWEDSDY
usermatch
ssum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
847 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5c5cc851e92a1db0a58a5823e37e3243aa5641fad561ad1e0c7fb5c1340db2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a137ca09a139f7-YYZ
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 15:54:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn5nQoMj%2B8%2FAdjSZe1qtYENBAwbApHlvxaijCpJJZU14UwHjBbNqdmMzD3igkMCyq8qNZiSk8B1ojgZP0lfBUvdvF1A7qCQyIKsGSKEjtbpukQWn7GYir75TRqAM6cfFXHYWnI5MsAiH7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a137c9986a39f7-YYZ
content-length
0
date
Tue, 23 Jan 2024 15:54:54 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOv3%2FhQMwwvyXc%2FEOzPi%2BDQQkyqB6hyBSUELHX%2BzXX0Xay9yFVqHnlMlHdSGSFMl00NscTixNljsIf%2FvWdM77vrRrZKl98%2BoGrM4uaqQeAvUZq3n8xfju0X9ANaEXM%2FcEtLAT2RN5Zzx0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 597B 		739 B
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
9362530937549606f05a09a1173d5797315547a9b09f56e83a7aae1503a316ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
739
date
Tue, 23 Jan 2024 15:54:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4247 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46266
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 15:54:55 GMT
expires
Wed, 24 Jan 2024 04:46:01 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7DC7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 15:54:57 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 5D42 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 23 Jan 2024 15:54:55 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 9850
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7382765016243788889&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7382765016243788889&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 15:54:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7A12CR5C2Q7D5TS0DG4Y

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
67d1100b-cf74-48eb-a9c2-d4d74e21e166
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 15:54:54 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=7382765016243788889&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
62.3.36.140; 62.3.36.140; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame 28C6
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
8039602c5b29123d816dbd0f3e0682373303423168a3304b37a652f116e31f74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
459
Content-Type
text/html
Date
Tue, 23 Jan 2024 15:55:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Tue, 23 Jan 2024 15:55:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:54:54 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
usermatchredir
ssum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDB35pUbgKz8QPRfK-bQ-Rg&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDB35pUbgKz8QPRfK-bQ-Rg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HB8GJNbOFynaNfc8eYl2%2BElYoF1toYE3VwzJDZMVd%2BaZysDeMDLDab4yL94MpA9U3e5Eq%2F7jaiK%2BNZq8LjhncXmqlgFYcA6xnNM9583UIJrXvxen07tCbj4mUdd5lV4dHcK5oXEuQiskzg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137cbbfd8a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDB35pUbgKz8QPRfK-bQ-Rg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&expiration=1708617299&gdpr=0&gdpr_consent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&expiration=1708617299&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSZD9Dw3CC2PWb4yfy7rQ6zd1GhxRyHN1rq6HD%2FfAbfDlUbz6vK5Yw%2BzOFFQdYYqVHj4jRO7rVBRIXZxqYYg0uIfhPmTCQz6pUTLm0hIIm%2Fjf0OF0GnHnm8qIMtr2ww0AaYHtXGl9xh5rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137ec2b17a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&expiration=1708617299&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 15:54:59 GMT
server
Kestrel
content-length
323
362358.gif
idsync.rlcdn.com/ Frame 10F1
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za-hTsAd2z0o6YwhzgsgZwAA%263792&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za-hTsAd2z0o6YwhzgsgZwAA%263792&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=91e6910f6b774f44b8d4ef812555a35d
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8109771040243830765
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=91e6910f-6b77-4f44-b8d4-ef812555a35d
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=420bbdb5-c637-400e-8aa0-8d82cb81fffc%3A1706025303.4901533&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D420bbdb5-c637-400e-8aa0-8d82cb8...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969751697225496346&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D420bbdb5-c637-400e-8aa...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=420bbdb5-c637-400e-8aa0-8d82cb81fffc%3A1706025303.4901533&_=1706025303.4930887
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc0MjBiYmRiNS1jNjM3LTQwMGUtOGFhMC04ZDgyY2I4MWZmZmM6MTcwNjAyNTMwMy40OTAxNTMzEAAaDQjXwr-tBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBLSofhmCjAEtkUUX3i8X-s&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBLSofhmCjAEtkUUX3i8X-s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBLSofhmCjAEtkUUX3i8X-s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 10F1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1X8Z2Y1X1F6EK9HH15R6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880325415258&us_privacy=1---
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880325415258&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uArY9p8BVNXM4ztHnukgtYKy%2Fb3t2zReUqDXyg0aMiWR1zCy6Y8ovTExI8d3HR0yX9Xbitd8JJqF40MsCcS7kM6Jr2t7JqnyF4cE7mkmrO7wmx9GAMSTbgBsVtjQ4ZFBAy%2Bnon2HIfR3qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137f23e12a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880325415258&us_privacy=1---
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=L210gdPvUHluIbjuXEkqnj4DJIw
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=L210gdPvUHluIbjuXEkqnj4DJIw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBZBaC9JgZc20ms%2BSQ4xkzREPvKXvJs26kFN%2FlxNH3OSDVJdSAT0g0CkXYLZ4VO6FOIvP9pfW5detVPxq1aZfHbqivDh9MExwL%2BuFCyTPmTZpAuLh0AKER84b7WIvrpRRQjL3c7j8PtPzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137f80961a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=L210gdPvUHluIbjuXEkqnj4DJIw
Date
Tue, 23 Jan 2024 15:55:01 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=AqzA1y3t1Rsj715
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=AqzA1y3t1Rsj715
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXDUFYWqsOKkUOIFL0k%2FcyH%2BNmu6Uz7aj6a4OwaompuDKWJuIOEUU8CukMZGJttNPOzsu8FBQmthnGfivkwE5lj9PcRwgfXHKnCKPMTA3WU0leClyEKHW8MCEwQfKlIJxDiUVbtnAo7NCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137d24b60a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:55 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0d8057fdc031e5cd4@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=AqzA1y3t1Rsj715
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 10F1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=878e65af-e14e-4d00-8a20-c231dd793b4c&gdpr=&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=878e65af-e14e-4d00-8a20-c231dd793b4c&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AATdaN8IM5oaenOHRJwc5JTA5bw5TVhJa%2FlojttVYoi0YUZ0IgBEpBwLA1B09iFUF8XGYTs5uCJZJy5kU71BRN4VMfKa9Lf6YRe%2BDWQ0EGUmB3Djuv6r%2BAC9H3KKdopt263quBLzc7rTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137cb5c7139f7-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Tue, 23 Jan 2024 15:54:54 GMT
Server
MT3 1353 054fd0e master iad iad-pixel-x21 config_version:"3754"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=878e65af-e14e-4d00-8a20-c231dd793b4c&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 Jan 2024 15:54:53 GMT
ecm3
s.amazon-adsystem.com/ Frame 10F1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C1QHH1S1Q0YERNX4M7ZQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ca852450ddef2c05d8cb.js
fem.gprod.postmedia.digital/v94.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v94.0/chunks/ca852450ddef2c05d8cb.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 16:26:11 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1704229360
age
1121323
x-guploader-uploadid
ABPtcPrTC55ciHjlvpOD5wiJf-0JWfBYVhPIQfUR3kNzEjX7nOFkFRHIcPedz9kq0IfJ6Eh4RYUS1ccfys-CdcSPVMjby9HwzXlD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1109
last-modified
Tue, 02 Jan 2024 21:03:42 GMT
server
UploadServer
etag
W/"b8c89500a3911a44ff74904e79f8d535"
vary
Accept-Encoding
x-goog-generation
1704229422607263
x-goog-hash
crc32c=5hc1ug==, md5=uMiVAKORGkT/dJBOefjVNQ==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3199
accept-ranges
none
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 15:54:54 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		225 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1870782313095608&correlator=2961959278766103&eid=31080526%2C31080585%2C95320408%2C31080610%2C31079724%2C31079527%2C31080117&output=ldjh&gdfp_req=1&vrg=202401220101&ptt=17&impl=fifs&iu_parts=3081%2CSMCO_CPTL_CAN_EN_WEB%2Clife%2Cdiversions%2Cpuzzles%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1200x90%7C970x90%7C728x90%2C300x250%7C300x600%7C300x1050%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706025294639&lmt=1706025194&adxs=200%2C1238%2C797&adys=154%2C848%2C2931&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&vis=1&psz=1600x90%7C300x1050%7C1600x250&msz=1600x-1%7C300x-1%7C1600x-1&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1123503880.1706025295&ga_sid=1706025295&ga_hid=1655977664&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRippaC40zFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBippaC40zFIAFICCGQSOwoKcHViY2lkLm9yZxIkYjcwNGRjYzgtNWYwZS00OTFmLWFhNmEtN2VkMTRjOGQ1ZDEwGJqnoLjTMUgAEh0KDmVzcC5jcml0ZW8uY29tGKiloLjTMUgAUgIIZBIXCghydGJob3VzZRippaC40zFIAFICCGQSFAoFb3BlbngYqaWguNMxSABSAghk&dlt=1706025291926&idt=482&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbee99312-ba07-11ee-853e-029df323959b%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%7Cloc%3Drr1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbee99313-ba07-11ee-853e-029df323959b%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3Dbee99314-ba07-11ee-853e-029df323959b%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26pub%3D40&cust_params=permutive%3D96400%252Cbsjr%252Cbrrj%252Crts%26prmtvvid%3Dd1ae2a2f-810e-41cb-93fb-de030d93128d%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dcanoe%26sensitive%3Dn%26negative%3Dn%26ck%3Dlife%26sck%3Ddiversions%252Cpuzzles%26imp%3Dpuzzles%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D%26prmtvsdk%3Dweb&adks=1740580364%2C3708781197%2C3338692552&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
425601138b5cddecfc3f3e8cadbdfafbd54ea39cb6e1159e589ebd69e0d9b7eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33651
x-xss-protection
0
google-lineitem-id
6441232483,6336354690,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138458675913,138438278549,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://canoe.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBF4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 15:54:55 GMT
expires
Wed, 22 Jan 2025 15:54:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://canoe.com
Connection
keep-alive
Date
Tue, 23 Jan 2024 15:54:54 GMT
LoginRadius-Location
US1
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
565 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 23 Jan 2024 15:54:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
LoginRadius-Location
US1
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://canoe.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 15:54:54 GMT
signinprompt
edge-auth.microsoft.com/v0.5/ Frame 113C 		477 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/js/ms_auth_client.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
5303c8ddb93f86667638b4dbf4605472121f0d8316719e30e2936f5e9c807010
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-npNcx6boYoAzRoyamY1H/+8M/XxDwb1RIejpXg3f6Vo/OhbdLIWStTY+udIPWGanopeq90PGWz6sVs7rci0YfsfCCPpfqxavijAyuTeX5FjmqShKj1qDufpSjQvmBNyY4kZA6I9DVLBv4xRR+LWGE1S4Qclb3D2VFunKCiBmYMU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
script-src 'strict-dynamic' 'nonce-npNcx6boYoAzRoyamY1H/+8M/XxDwb1RIejpXg3f6Vo/OhbdLIWStTY+udIPWGanopeq90PGWz6sVs7rci0YfsfCCPpfqxavijAyuTeX5FjmqShKj1qDufpSjQvmBNyY4kZA6I9DVLBv4xRR+LWGE1S4Qclb3D2VFunKCiBmYMU=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 15:54:54 GMT
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 0475B67EBD1B45AFA840C86722863114 Ref B: EWR311000103049 Ref C: 2024-01-23T15:54:55Z
vf-v2.js
cdn.viafoura.net/ 		860 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-34.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d30a45dc7fd324487980906858368d0083b721de5ffd78108f92e4091cde3211

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
.3EXqidYLx7AcRWbdUU.j_tM0qldLfaM
content-encoding
br
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 15:52:13 GMT
x-amz-cf-pop
YUL62-C2
age
163
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:53:25 GMT
server
AmazonS3
etag
W/"a964d1e2f10f0c188197324f5d080f8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
S3eE44ckO7U82OX07MgDNxEnz46YbWBskLMvXOFpLurTfkvitz3xHw==
gtm.js
www.googletagmanager.com/ 		449 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ac0468a07574222a50027b51eff4ac358c0c3ef0be9d81b22ab91a943d52e2eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127529
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:55 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-67.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:19:14 GMT
content-encoding
gzip
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
27357
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
jV2xPhlxQqspa8vjd9fhIP0qU26Rc8rhWloWydoO1nEApPUwTAEKEQ==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		327 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b11b46d840781f63d7b508c855efc863848a4e391cb675876c458a021886bb5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-yyz4523-YYZ
date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
283
x-timer
S1706025296.341033,VS0,VE0
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
MISS, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
117271
x-cache-hits
0, 27
gtm.js
www.googletagmanager.com/ 		154 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v94.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
df648d2f45447372acd609c61fce98ee409f14718f69e9ef2ee25d40f022749b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50530
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:55 GMT
jload
pixel.adsafeprotected.com/ Frame 05F3 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x600&pubId=4811995650&chanId=21690693772&placementId=6336354690&pubCreative=138438278549&pubOrder=3224663197&cb=452367189&custom=index&custom2=rr1&adsafe_par&impId=bee99313-ba07-11ee-853e-029df323959b
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.72.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-72-146.compute-1.amazonaws.com
Software
/
Resource Hash
76f6554385e124c1cebb6feae6ea1ce1455a2024f16bce9b57240b84f5bad49e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6F33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssD2OBJmy6oQFTNlSn6yGOiZF0FqjqlOZwfSbzFEdwdIYnIdT6B_Sb4CpMC20MILff9etSvVj57UqY0-ggyJ-hadvpFLVwKDQAVyBH15AmmmTtodIiF7EuYzeIeapsdc7ioKIOxAcsnr0hkPr05sFpH5AOgFZ81VB0AfaRlvoMzCvkVUCiNMdbhppW8dHu8D7ZHRsxWJWcVVip37zfDNxrfEwz_Su35D0C-fq_Q585fn5AJdXiZ-kgM2YbUNQ_PdI09viXVtgZFTFaO5weAvmYTXnoKwE1XM4_6iShAZVD3FGT1vVyUn5eddRMyr8rJCj7L8DNeBX54jowW9g4-j4uVNXUO9Wh1yS3Xkw57nxdhLQ7B2--_-3CvetzFVhLpIR7E0qdHHjbE91Cs7AMGvmhQ&sai=AMfl-YQP5G00lH-htPdpVcb8YirOQeEgpSEP6LBfgrAOJ7BG7AI8020ytUm7iVhW-crAGq6IQvFyUc0A6F_0wee4EeoY7l1Z551JzYG7rliYD7ukg19nlkrmxlc80hrI_jQ&sig=Cg0ArKJSzE5lyQncdJJSEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 6F33 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 12:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
12410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 12:28:08 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6F33 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 15:54:55 GMT
10806747356984388062
tpc.googlesyndication.com/simgad/ Frame 6F33 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10806747356984388062
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
sffe /
Resource Hash
e520222ce71d130f32934764b0cba1e95c4df64fb724409c5202676aa890140d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 15:37:24 GMT
date
Fri, 19 Jan 2024 15:37:24 GMT
x-content-type-options
nosniff
age
346654
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117488
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:38:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 6F33 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjXUSIPwq32noTFJ2FdkcjydcHckPwImkOX-6WNr-NRmDoD4fAI-1fAOjsubZv24Lx2TkyX6ARIDRuwTqjpfWlMCf-Kg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
jload
pixel.adsafeprotected.com/ Frame 78C6 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6441232483&pubCreative=138458675913&pubOrder=3291647976&cb=6078444&custom=index&custom2=1&adsafe_par&impId=bee99312-ba07-11ee-853e-029df323959b
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.72.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-72-146.compute-1.amazonaws.com
Software
/
Resource Hash
80be303c408fa9e953af8e73e4a247c1ff6452e224204f7aef4ca1f223165d04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7075 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssABby-i-4VRgnAGYQbE_yYXh415cghh3rkdsycvRGMxsw2drlxP-NYLfoOsVC0imETHUFQkjg8KtO4skdqhzGOrbDO5YUqFXmsa4EbtqhOD5dHKZjl4YknmYM_lmly-H_091cGEK90b1MgBQ1SzEYv6tx3cmM6g_bpFF2u7XinwISJraj8QaN04wLtlwJhT273SkTG-sn_OmTK-7x1GjmdXk6mfZyOemr7Ge6-OWRnOEPEXJdMCz2D8TjG-_PGHowVnpPBjfljxfSWwAQvtNGnvV5G53ZKRb-9p-G670MT3NwhQZeK0W5WafZ36vOPyxouLyX6INzcGwBy0eR7s7UmjqnoGM-Iu-lnyW71HI6KtWbf8OBz8SiIna3sjziBSrR3XlvCscmmu6jE7NjeRxvU&sai=AMfl-YR2YlqB5Cu5Ka9ULpS3x9YMZTEl_krg5KlD3mGthL8y_9meGsHa1-QMEoE1pwknrZHDAM4K4b1Dm8iCni5zhZaKARPizQfZh8JuNvVEnsdhdfDiZsnRS38whaXFNt4&sig=Cg0ArKJSzFHUtiqyf3QrEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 7075 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 12:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
12410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 12:28:08 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7075 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 15:54:55 GMT
1045283176447499668
tpc.googlesyndication.com/simgad/ Frame 7075 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1045283176447499668
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
sffe /
Resource Hash
42d9ba8ca9a5e2d3bd725d12d77341070d3ad39ca467d787d2bc2bca6b9c5f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 13:10:15 GMT
date
Fri, 19 Jan 2024 13:10:15 GMT
x-content-type-options
nosniff
age
355483
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85787
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 20:47:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ms_auth_server_button.min.js
edge-auth.microsoft.com/v0.5/js/ Frame 113C 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-AwrqG0ISqHvmRn1QJu2mtvie36/2skBKB+PKn/eqdL7XZ9jHN21bkg6if5PIiIS7Xf+RHETOcFsTCoVY017qJMT/726yUB/lOa/nyiBED+1hQgxY/S41/C7sFMXazWsbaeIhZv1tDwqYQzB/QtATlk+B5XvXvKA7oUsSiTBxoQA=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-AwrqG0ISqHvmRn1QJu2mtvie36/2skBKB+PKn/eqdL7XZ9jHN21bkg6if5PIiIS7Xf+RHETOcFsTCoVY017qJMT/726yUB/lOa/nyiBED+1hQgxY/S41/C7sFMXazWsbaeIhZv1tDwqYQzB/QtATlk+B5XvXvKA7oUsSiTBxoQA=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
date
Tue, 23 Jan 2024 15:54:54 GMT
last-modified
Mon, 01 Jan 1601 22:40:38 GMT
x-msedge-ref
Ref A: B882F7B3C6934D8BA2909E1EAAAB2C5B Ref B: EWR311000103049 Ref C: 2024-01-23T15:54:55Z
etag
"be140a5f9d"
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26781
truncated
/ Frame 6F33 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e35224383b43eb1b7dfa57637f136dad59f4ab331bcfc5f6874644eb5815e520

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7075 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
164adc208b6b0d04e6cc27dbd9e7eb3d50b7744bedd1a57e99a759020b859356

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KB476Q6&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f18645fef3b37f5790f8133b53677b8f1fc91f444ffdf361c7d95694caecca25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44658
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:55 GMT
gtm.js
www.googletagmanager.com/ 		309 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1002879872b70abe372a7755d3967607e42b96cb9f40e918994e7fcd7c4cc287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93962
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:55 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e81b8ba485b5b1a713772b4dbf1f7a1bac0efcaa7e2035419d8d5c347e8db506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 15:54:55 GMT
metric
edge-auth.microsoft.com/ Frame 113C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-TVmSQ8DHmmtz94YLOrdQj+K0ddoIQguvk5Ge1nQ/Sm4vzRW27ctn5kMfC649SBRLx7Wx0A4ToHjnKC7tpU3IiH+6VtvGU22Csx1goedyxkgbATun9D/xVlKXTtdggaE9mNcxs4UvTtG1idIPpi5CAbSmU+3Go2Kf004DV6kxIX8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-TVmSQ8DHmmtz94YLOrdQj+K0ddoIQguvk5Ge1nQ/Sm4vzRW27ctn5kMfC649SBRLx7Wx0A4ToHjnKC7tpU3IiH+6VtvGU22Csx1goedyxkgbATun9D/xVlKXTtdggaE9mNcxs4UvTtG1idIPpi5CAbSmU+3Go2Kf004DV6kxIX8=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 23 Jan 2024 15:54:54 GMT
x-msedge-ref
Ref A: 0E9E89261457458FAAA778888AC41B87 Ref B: EWR311000103049 Ref C: 2024-01-23T15:54:55Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame 113C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-lfr5jZYl6Wf6W9bdtKWN00W1/crtziE7UJd9EowBiL7pETi/XYxyyYLKmpevJiMNH59YFQF6opkK0pGrmk1Qxq++lBap9cmzqH55jl80UHa9Y+hlfA/2ex063sF302QHKfocQncBKU2EGXna/I773ngyfjPkZaB5yuCNUKjLAao=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-lfr5jZYl6Wf6W9bdtKWN00W1/crtziE7UJd9EowBiL7pETi/XYxyyYLKmpevJiMNH59YFQF6opkK0pGrmk1Qxq++lBap9cmzqH55jl80UHa9Y+hlfA/2ex063sF302QHKfocQncBKU2EGXna/I773ngyfjPkZaB5yuCNUKjLAao=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 23 Jan 2024 15:54:54 GMT
x-msedge-ref
Ref A: DD2B0F3522064A7999302A652EBD4EDC Ref B: EWR311000103049 Ref C: 2024-01-23T15:54:55Z
content-length
0
x-cache
CONFIG_NOCACHE
metric
edge-auth.microsoft.com/ Frame 113C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge-auth.microsoft.com/metric
Requested by
Host: edge-auth.microsoft.com
URL: https://edge-auth.microsoft.com/v0.5/js/ms_auth_server_button.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.158 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
bingforbusiness.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-vweQ9EiZhXsmDW5tUht8QFFWecOP9DyRNbo5kTw2H0IoUFxs/pp4Nfjuwrco78as89njNUUaPF3S8tb4bxgTf77Osb40pN6+7GBZvEIotocVEYlIGSZllc2ruLDXZaZ/oQF32eZYfYSBIFHQQ9yO7pWhBSU3PtQN1V6IOBLQE50=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';

Request headers

Referer
https://edge-auth.microsoft.com/v0.5/signinprompt?uuid=b210a72e-c782-49a3-885a-f229f623f248&send_session_started=true&client_id=a2f5b229-db73-4076-8a05-f85b0fd8a6e8&locale=en-US&context=signin
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
script-src 'strict-dynamic' 'nonce-vweQ9EiZhXsmDW5tUht8QFFWecOP9DyRNbo5kTw2H0IoUFxs/pp4Nfjuwrco78as89njNUUaPF3S8tb4bxgTf77Osb40pN6+7GBZvEIotocVEYlIGSZllc2ruLDXZaZ/oQF32eZYfYSBIFHQQ9yO7pWhBSU3PtQN1V6IOBLQE50=' https:; object-src 'none'; base-uri 'none';require-trusted-types-for 'script';
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 23 Jan 2024 15:54:54 GMT
x-msedge-ref
Ref A: 350C0E8EBF3C4937A11C4CBF1AE6A572 Ref B: EWR311000103049 Ref C: 2024-01-23T15:54:55Z
content-length
0
x-cache
CONFIG_NOCACHE
v2
api.viafoura.co/v2/canoe.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/canoe.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.220.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-220-168.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://canoe.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 23 Jan 2024 15:54:56 GMT
expires
Tue, 23 Jan 2024 15:54:56 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/canoe.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/canoe.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.220.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-220-168.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
04135c5b70e3493cd29355bf4c6550403584b8c6d7ad35bdc22ebbf9d3d0ff63

Request headers

Accept
application/json, text/plain, */*
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-06f28f9035bb5db77
pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 23 Jan 2024 15:54:57 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je41h0v880952817z879194588&_p=1706025295232&_gaz=1&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1123503880.1706025295&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1706025295&sct=1&seg=0&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=page_view&_fv=1&_ss=1&tfd=3885
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-72QH41ZTMR&cid=1123503880.1706025295&gtm=45je41h0v880952817z879194588&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je41h0v880952817&_p=1706025295232&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1123503880.1706025295&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&sid=1706025295&sct=1&seg=0&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_c=1&ep.query_id=CI-LrL3v84MDFWqdgwgdxKUOkw&_et=4&tfd=3890
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-72QH41ZTMR&gtm=45je41h0v880952817&_p=1706025295232&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1123503880.1706025295&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=3&sid=1706025295&sct=1&seg=0&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_c=1&ep.query_id=CI6LrL3v84MDFWqdgwgdxKUOkw&_et=1&tfd=3894
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72QH41ZTMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-72QH41ZTMR&cid=1123503880.1706025295&gtm=45je41h0v880952817z879194588&aip=1&dma=0&gcd=11l1l1l1l1&z=1852035487
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6d32918bdff1efa5aecbea0f90be6b95f7a2362e756128dcebec35bfa16a640a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90797
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 15:54:55 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 14:06:18 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6518
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jan 2024 16:06:18 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		160 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1663536a0460d18689e8e0d827236fbb61fe5763e4ab68896554d5184053c460

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:58 GMT
content-encoding
gzip
cf-cache-status
HIT
age
95
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=86400
content-length
46567
x-response-time
4ms
last-modified
Tue, 23 Jan 2024 15:53:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
84a137e54f7f3739-YYZ
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 15:54:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
pragma
public
x-fb-debug
tIli6ntEXM/6698dxPEo2d+byypGtV669aD/huwBz8DI/stS776jIQl5WCSNXWSXYnj5sd1uVEkdI5aL8B+xRg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-35.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
XfYprRTzfIx5sUT1DKibUZklTDJ88StC
content-encoding
gzip
via
1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 08:24:25 GMT
last-modified
Thu, 24 Aug 2023 11:20:32 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
27032
x-amz-server-side-encryption
AES256
etag
W/"10ba0dba424c8954df3533bfd881e874"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
RGjTVQD-HoLj2diB2umwr3BfIxVSsKpEzlDtw_9f7GOGS7MXgJxr6A==
p.js
cdn.parsely.com/keys/canoe.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/canoe.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
de8a06fb4a67185897bb2f003cfd6e8171816a7d35796addfb530ddace7e93ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 08:09:45 GMT
content-encoding
gzip
via
1.1 98bc8180e0431e8f05afc9802305f1d2.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 13:34:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
27912
etag
W/"651c1880-e639"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
CnQ7yJdETceUk0UC58Q1VaqibRKiq9DAiEkwvcHA955WKyZUDFa5jA==
expires
Wed, 24 Jan 2024 08:09:45 GMT
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=aps&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
PugMaster
image6.pubmatic.com/AdServer/ Frame 4247 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40526284&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
content-length
0
envelope
lexicon.33across.com/v1/ 		49 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&src=esp&ver=1.3.0
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
ecm3
s.amazon-adsystem.com/ Frame 597B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=c7f9f483-0984-41e6-ab38-47d409b7adab
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QBRDB414AV82NHM3N2CY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 597B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 15:54:59 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 597B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=YzdmOWY0ODMtMDk4NC00MWU2LWFiMzgtNDdkNDA5YjdhZGFi
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 597B
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://sync.1rx.io/usersync2/sharethrough?zcc=1&cb=1706025296170
  • https://ad.turn.com/r/cs?pid=45&rndcb=644512393
  • https://sync.1rx.io/usersync/turn/8109771040243830765?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_...
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
date
Tue, 23 Jan 2024 15:54:57 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXba17f5ef210c49b7ae288e09adf5559f005
content-type
text/html
v1
match.sharethrough.com/sync/ Frame 597B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=61cac47a-0c8b-0788-0f6f-df1a641d9fbd
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=61cac47a-0c8b-0788-0f6f-df1a641d9fbd
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:56 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=61cac47a-0c8b-0788-0f6f-df1a641d9fbd
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JPRDS7DYTE&gtm=45je41h0v880952826&_p=1706025295239&_gaz=1&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1123503880.1706025295&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&sid=1706025295&sct=1&seg=0&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_fv=1&_ss=1&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=puzzles&ep.platform=Cheetah&ep.platform_version=15.2.1&ep.fem_version=v94.0&ep.brand=Canoe&ep.timestamp=2024-01-23T07%3A54%3A55.642-08%3A00&ep.query_id=CI-LrL3v84MDFWqdgwgdxKUOkw&tfd=4113
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JPRDS7DYTE&cid=1123503880.1706025295&gtm=45je41h0v880952826&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JPRDS7DYTE&gtm=45je41h0v880952826&_p=1706025295239&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1123503880.1706025295&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&_s=2&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&sid=1706025295&sct=1&seg=0&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=puzzles&ep.platform=Cheetah&ep.platform_version=15.2.1&ep.fem_version=v94.0&ep.brand=Canoe&ep.timestamp=2024-01-23T07%3A54%3A55.642-08%3A00&ep.query_id=CI6LrL3v84MDFWqdgwgdxKUOkw&_et=3&tfd=4117
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JPRDS7DYTE&cid=1123503880.1706025295&gtm=45je41h0v880952826&aip=1&dma=0&gcd=11l1l1l1l1&z=1185800403
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1626
date
Tue, 23 Jan 2024 15:54:57 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1135
x-fastly-trace-id
3200083647
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yyz4566-YYZ
x-timer
S1706025298.528529,VS0,VE0
gtm.js
www.googletagmanager.com/ 		234 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KMC8ND&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b2c3ac8931353adc11f48b9e1fbd0daa764eb2e736439d7a15aa42c7b51de5bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69178
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:56 GMT
identify
identity.mparticle.com/v1/ 		175 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c49f4e9b24c62dbda36124851975d44cf7fe6e4a0d87f935d51660eb116da0f9
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-yyz4566-YYZ
server
Kestrel
x-timer
S1706025298.555163,VS0,VE36
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
3200083768
accept-ranges
bytes
x-cache-hits
0
main.19.8.473.js
static.adsafeprotected.com/ Frame 05F3 		214 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x600&pubId=4811995650&chanId=21690693772&placementId=6336354690&pubCreative=138438278549&pubOrder=3224663197&cb=452367189&custom=index&custom2=rr1&adsafe_par&impId=bee99313-ba07-11ee-853e-029df323959b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-102.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:48:31 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 90b7b9dc3aa8817f0cef3cfd45fb8916.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
1015586
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
vCvv5Cep0c56CaIYGWhINS4aZImksZDzJzetYzHn9pmhEqEZuEJBSA==
main.19.8.473.js
static.adsafeprotected.com/ Frame 78C6 		214 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6441232483&pubCreative=138458675913&pubOrder=3291647976&cb=6078444&custom=index&custom2=1&adsafe_par&impId=bee99312-ba07-11ee-853e-029df323959b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-102.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:48:31 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 90b7b9dc3aa8817f0cef3cfd45fb8916.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
1015586
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Kaw5fHaCz3xojeTSbna0dDNp6pzyDDIDJzdvTEHsvn0baercmXPI1A==
gtm.js
www.googletagmanager.com/ 		230 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFGNKKG&l=mpartical
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
06d49e260f4932cb1977affa17d7430db79047b2d4b44b871b9ee9f2583d0e7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74465
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Jan 2024 15:54:56 GMT
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1655977664&t=pageview&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&ul=en-us&de=UTF-8&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1495752816&gjid=486281843&cid=1123503880.1706025295&tid=UA-213173459-13&_gid=1928666750.1706025297&_r=1&_slc=1&gtm=45He41h0n81P3Q4QHWv854753396&cd2=2024-01-23T07%3A54%3A55.648-08%3A00&cd7=anonymous&cd17=0&cd23=Canoe&cd24=Cheetah&cd25=15.2.1&cd26=v94.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=55&cd31=puzzles&cd52=puzzles&cd65=false&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cd1=1123503880.1706025295&z=2088117612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1655977664&t=pageview&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&ul=en-us&de=UTF-8&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1040014522&gjid=1967755316&cid=1123503880.1706025295&tid=UA-138335866-20&_gid=1928666750.1706025297&_r=1&_slc=1&gtm=45He41h0n81P3Q4QHWv854753396&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&z=1202558942
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6daae9ae29d4a659b51bb3741f1845dba56278221573c60313556ab426dfe2ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-213173459-13&cid=1123503880.1706025295&jid=1495752816&gjid=486281843&_gid=1928666750.1706025297&_u=YCDACAAABAAAACAEK~&z=841157872
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 Jan 2024 15:54:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GLBG5PB1H0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3346651e72fac1f52c025219b309a2fb16cf6037e8df0e840cc0b7a8c9f6db94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 15:54:56 GMT
1685973801652415
connect.facebook.net/signals/config/ 		146 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.142&r=stable&domain=canoe.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
725c7f25639cdf8e983f31c18286ae22339b07fb98bec314035189ab045af5c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jan 2024 15:54:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
38188
x-xss-protection
0
pragma
public
x-fb-debug
PvpwZBD3yWjc4iNblyO1qXAO4qDN2m5YwQQG3Y89YARBtoaknN5ug1wBEx1TdOZoHy3J9gROeJR6CNFNy1PXeQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		535 B
941 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-72.yul62.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 12:03:36 GMT
via
1.1 bf92485080aafccc84ee48a4ab037a64.cloudfront.net (CloudFront), 1.1 192b5dfe0d3306c6761973a7786a01d4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, YUL62-C2
age
13881
x-amzn-requestid
ef149510-2d6b-4c55-b0cc-c8dbd332593e
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
R_er3GzYCYcEtDQ=
content-length
535
x-amz-cf-id
hA0AdkzDEv3W0UkqhMMhHJHAyER1p7370Gcvia8XSEfSKflqWukOvg==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-6.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 10:48:01 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
18417
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Wo_B0VuR-MzTk2otfdyHbmt-q5GTwMKnkIou_JMcUHPbMzYwqXhHIA==
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GLBG5PB1H0&gtm=45je41h0v9123934051&_p=1706025295232&gcd=11l1l1l1l2&dma=0&tag_exp=71847096&ul=en-us&sr=1600x1200&cid=1123503880.1706025295&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&sid=1706025296&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5159
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GLBG5PB1H0&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&rl=&if=false&ts=1706025296869&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706025296865.1807733250&cs_est=true&ler=empty&it=1706025296791&coo=false&rqm=GET
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jan 2024 15:54:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
events
api.permutive.com/v2.0/batch/ 		201 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4049d1aa81f1350993a0d316870aef271f5a3c577a173c85ea60027aeae34a79

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
sca.17.6.2.js
static.adsafeprotected.com/ Frame 856B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-102.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:24 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90b7b9dc3aa8817f0cef3cfd45fb8916.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
1669413
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
My9Wd0LgeOQ45eli5queby1XY44EmpnDdrMM8YBONOPOdpwpoAxqfg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x600&pubId=4811995650&chanId=21690693772&placementId=6336354690&pubCreative=138438278549&pubOrder=3224663197&cb=452367189&custom=index&custom2=rr1&adsafe_par&impId=bee99313-ba07-11ee-853e-029df323959b&adsafe_url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fcanoe.com%2F&adsafe_type=f&adsafe_jsinfo=,id:658db809-7846-8522-1de0-0f859fe76c00,c:26z8hW,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6f4b57f9c-srqkz,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:514,mot:0,app:0,maw:0,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C181,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:559,oid:c1369032-ba07-11ee-93d4-d6c3e8ed8dc1,v:19.8.473,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.72.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-72-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
app71.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame A0CE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-102.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 08:11:24 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 90b7b9dc3aa8817f0cef3cfd45fb8916.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
1669413
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
U91NaxatiEIwt2C-_-4QbKwwSSW02BxAQ4WPxqXwA3fcrx4OvITPkg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=728x90&pubId=4811995650&chanId=21690693772&placementId=6441232483&pubCreative=138458675913&pubOrder=3291647976&cb=6078444&custom=index&custom2=1&adsafe_par&impId=bee99312-ba07-11ee-853e-029df323959b&adsafe_url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fcanoe.com%2F&adsafe_type=f&adsafe_jsinfo=,id:9d8e29f7-8e70-b336-c608-81abe18edb48,c:26z8ir,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6f4b57f9c-m5655,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:570,mot:0,app:0,maw:0,fm:u2cAhxV+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C171%7C172%7C18*.928934%7C181,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:581,oid:c136b82a-ba07-11ee-b6f5-32b2f1f41784,v:19.8.473,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.72.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-72-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
app72.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
thirdpartycookie
api.viafoura.co/v2/canoe.com/ 		45 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/canoe.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.220.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-220-168.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-instance-id
i-0f2ca568b83a9ba0e
pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://canoe.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 23 Jan 2024 15:54:57 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z8iX,pingTime:-2,time:621,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1166,beZ:1168,mfA:1681,cmA:1683,inA:1683,inZ:1688,prA:1688,prZ:1717,si:1725,poA:1725,poZ:1743,cmZ:1743,mfZ:1743,loA:1772,loZ:1775,ltA:1786,ltZ:1786,mdA:1168,mdZ:1649%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:558%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:621,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:559,slid:%5Bgoogle_ads_iframe_/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index_1,google_ads_iframe_/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index_1__container__,ad-rr1,ad__inner-rr1,main-content%5D,sinceFw:61,readyFired:true%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z8iZ,pingTime:-2,time:614,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1141,beZ:1142,mfA:1711,cmA:1712,inA:1712,inZ:1716,prA:1716,prZ:1718,si:1721,poA:1722,poZ:1730,cmZ:1730,mfZ:1730,loA:1749,loZ:1751,ltA:1755,ltZ:1755,mdA:1143,mdZ:1637%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:580%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:614,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:581,slid:%5Bgoogle_ads_iframe_/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index_0,google_ads_iframe_/3081/SMCO_CPTL_CAN_EN_WEB/life/diversions/puzzles/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:33,readyFired:true%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z8jw,time:656,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:656,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:559,sis:643%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z8jx,time:648,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:648,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:581%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
intl-messageformat.1ffa056616fa00afbfc0.js
cdn.viafoura.net/chunks/defaultVendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/defaultVendors~languages/intl-messageformat.1ffa056616fa00afbfc0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-34.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 12:50:36 GMT
x-amz-version-id
K6YX2DhTPOywEHMsosDhkEIcXxdZ3QdO
content-encoding
br
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
443062
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:52:48 GMT
server
AmazonS3
etag
W/"1c693504509bdbb60c6776720954c7c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
4MyN60DkdRFfGZKUSIwi_q1s_q1KKfgZMavqinGG6i2U3CV11ftdjg==
intl-messageformat.bba378369051b3ea02d6.js
cdn.viafoura.net/chunks/languages/ 		135 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.bba378369051b3ea02d6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-34.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 12:50:36 GMT
x-amz-version-id
hWlG.vOM9z6j6QBopta2P7z2EI70_7rG
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
443062
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Tue, 16 Jan 2024 20:52:58 GMT
server
AmazonS3
etag
"41f960d448b03a594d459a897779ddf6"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6RTusZsypoRM50r1Gly0A2Ql6Ku64yICx65qtGV9hhsDKc8Ut1hLrQ==
en-us-base-json.22dd055f6ebc67a95f1d.js
cdn.viafoura.net/chunks/languages/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.22dd055f6ebc67a95f1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-34.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 10:39:14 GMT
x-amz-version-id
jLiRAZHs9uvGXsyGLDy3Kq7eIAwF31Qi
content-encoding
gzip
via
1.1 f7da5d3db9ee44e1812f138a4bdfd564.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
537344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:53:02 GMT
server
AmazonS3
etag
W/"dfb5516fd649a383d34843bb4b99126e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Oq15wgLodl5r_CkB0FMVcZPQICGfP5pG1p_2s9l6te_Y0g8AagUN_A==
/
onetag-geo.s-onetag.com/ 		535 B
940 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-72.yul62.r.cloudfront.net
Software
/
Resource Hash
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 12:03:36 GMT
via
1.1 bf92485080aafccc84ee48a4ab037a64.cloudfront.net (CloudFront), 1.1 192b5dfe0d3306c6761973a7786a01d4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, YUL62-C2
age
13881
x-amzn-requestid
ef149510-2d6b-4c55-b0cc-c8dbd332593e
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
R_er3GzYCYcEtDQ=
content-length
535
x-amz-cf-id
3FKBD5BkOnnt7NMyFtWCoWhWrKv5tL0W0DRx2Bif8tTgQ_NbDLBBXw==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		211 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 dc2de227a66d49eadfba1450eb6faa90.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
1389
x-amz-cf-pop
YUL62-P1
cf-polished
origSize=1336927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 04 Dec 2023 07:20:21 GMT
server
cloudflare
etag
W/"34dedade3a8f1aa4aa0db4d3bf475de7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
84a137db7f74369c-YYZ
x-amz-cf-id
C7PwdKWP_xZQfZoGEqej4zLF889lazMxXayxt0zv5AuH9zWmHPisFw==
expires
Tue, 23 Jan 2024 19:54:57 GMT
ingest
i.viafoura.co/v3/canoe.com/ 		67 B
388 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/canoe.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.166.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-166-49.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://canoe.com
date
Tue, 23 Jan 2024 15:54:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
svod-module-js.af0a0ec7f140c97a1728.js
cdn.viafoura.net/chunks/vuex_store/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.af0a0ec7f140c97a1728.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.192.51.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-34.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:53:37 GMT
x-amz-version-id
t.zI8gKmhAoEWoAYFybiCX12Rnu4S7U6
content-encoding
br
via
1.1 37504d411c7d230cb5e53aaf2809b804.cloudfront.net (CloudFront)
age
586881
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 16 Jan 2024 20:53:04 GMT
server
AmazonS3
etag
W/"29fcd3e8ac2266d59e9874ce666e077c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ZGOfE-hfqrRJ4PRboP7fqr6u2s2UyV_uEj5qvE1IT5_rhlu3-mPFYA==
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://canoe.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
84a137e2e83b39e1-YYZ
date
Tue, 23 Jan 2024 15:54:58 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2036014153a51610b89b576a9f14c2c5c6b03225248e3faad56ca9725214416

Request headers

Referer
https://canoe.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
max-age=86400
cf-ray
84a137e338c539e1-YYZ
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
183ffa7e0283d699f7542bb054a9065be7e2ab542d38e3b572f19ac22b124fa5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:55:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://canoe.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Tue, 23 Jan 2024 15:55:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://canoe.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z8nJ,pingTime:-10,time:917,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706025297382%7C%7C4391d4f13de40d124ea5d14930700a88%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C5b12b773630ea2b410859e8550464249%7C%7C55c33d9efcea5c14134becd1b4c4beeb%7C%7Ccfe22adbf0beb2aa9a96aa79ced72dea%7C%7C96aa5f469fb703ccae7c19fb8cde5956%7C%7C5123a3a57abf79447e85995b7fe636a2%7C%7C1663701684%7D
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping.gif
placement-prd.jwpltx.com/v1/placement/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://placement-prd.jwpltx.com/v1/placement/ping.gif?h=-1216087569&e=pll&n=5573547685228559&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&plv=0.13.0&sa=1706025292395
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-102.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
via
1.1 83a743ed393a5cd20768ea48e9372bca.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
YUL62-P1
x-amz-cf-id
lLMf23F3HScwKu0WZ-BJk7GYCt2TEGxahqWjgVTyo3fymu93utGRSQ==
x-cache
Miss from cloudfront
usync.js
eus.rubiconproject.com/ Frame 7DC7 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f37871d176a351c045bf481db13719ee75c202eac94523260600f762ac7276dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 12:31:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74200
Connection
keep-alive
Content-Length
10964
Expires
Wed, 24 Jan 2024 12:31:37 GMT
khaos.json
token.rubiconproject.com/ Frame 7DC7 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-yyz4538-YYZ
date
Tue, 23 Jan 2024 15:54:57 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1706025298.684253,VS0,VE119
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
1626
date
Tue, 23 Jan 2024 15:54:57 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1136
x-fastly-trace-id
3200084190
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-yyz4566-YYZ
x-timer
S1706025298.633646,VS0,VE0
identify
identity.mparticle.com/v1/ 		175 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ab5ddd6bbaf4e6b6ae4d9b3ffdab97d462a643269c7dd07d8452257843fd5662
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-yyz4566-YYZ
server
Kestrel
x-timer
S1706025298.660508,VS0,VE43
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-fastly-trace-id
3200084353
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-yyz4538-YYZ
date
Tue, 23 Jan 2024 15:54:57 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1706025298.684231,VS0,VE30
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
8de66b2537c74eb840dde0edb77576dbf6b06bc4d64df5d89819ec9290a7bbdc

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		41 B
148 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7e5bcd656337be8e9a4b43036dbe504a6dfefe11761623d97e587fb53cd217ab

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-yyz4538-YYZ
date
Tue, 23 Jan 2024 15:54:57 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1706025298.740036,VS0,VE31
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
audiences
api.permutive.com/audience-matching/v1/id/740ce053-11a9-481b-a7fa-a8b00aa5c7fb/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/740ce053-11a9-481b-a7fa-a8b00aa5c7fb/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:54:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z8wL,pingTime:-10,time:1468,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706025297382%7C%7C4391d4f13de40d124ea5d14930700a88%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C5b12b773630ea2b410859e8550464249%7C%7C55c33d9efcea5c14134becd1b4c4beeb%7C%7Ccfe22adbf0beb2aa9a96aa79ced72dea%7C%7C96aa5f469fb703ccae7c19fb8cde5956%7C%7C5123a3a57abf79447e85995b7fe636a2%7C%7C1663701684,sca:%7Bspg:658db809-7846-8522-1de0-0f859fe76c00%7D%7D
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:57 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1706025297962&plid=c401e39a-e99c-4ec2-9f56-2a0bdd3f60e9&idsite=canoe.com&url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&sref=&sts=1706025297958&slts=0&title=Puzzles+and+Games+%7C+Canoe.Com&date=Tue+Jan+23+2024+07%3A54%3A57+GMT-0800+(Pacific+Standard+Time)&action=pageview&pvid=daeacad1-665f-4b61-9bd3-788e4b7341b8&u=pid%3D8935fe1c-7b20-4928-9b5c-2dba411315fe
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:55:01 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 23-Jan-2024 15:55:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z8B4,time:1744,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1744,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1225~0%5D,as:%5B1225~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:333,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:559,sis:643%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z8Bv,time:1762,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1762,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1190~0%5D,as:%5B1190~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:581,sis:651%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ga-audiences
www.google.com/ads/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-13&cid=1123503880.1706025295&jid=1495752816&_u=YCDACAAABAAAACAEK~&z=1390569976
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-213173459-13&cid=1123503880.1706025295&jid=1495752816&_u=YCDACAAABAAAACAEK~&z=1390569976
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://canoe.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
LoginRadius-Location
US1
Server
nginx
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://canoe.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.214.92.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-92-171.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://canoe.com
Connection
keep-alive
Date
Tue, 23 Jan 2024 15:54:58 GMT
LoginRadius-Location
US1
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
ecm3
s.amazon-adsystem.com/ Frame 7DC7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRQJETK1-3-JHMR
  • https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
210QMZFCHF727MWR4M69
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7075 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN-L2e0mZh-Sl8R8gMGt_R1qvLs7fneMyhV0ULWaNEqoWy7DNgrhG7VYxjKU6g9f1-UOPz21vRxLHFNRwxFB-t39QGx8NLh5eTNScnmT9ZXIr11581_pvJdSMBeBj9AJNtzq6NM7zY7ESSr5DmPY0aldXAne9VlPKqiN6c3Ekz5boiGkMhs07MQ2Hegu_sRABS7gIsW7s8XvQNkbBmaT1Ue6ckJBvA8QPrslKVunFR50ArjDsOFYWga8zco1BdBBzG1RngT0FyUyYD_tCcZF04BlCRRBpDJLyg3eJCQ-QNG8p76HqXGA4EvhyCPz3ylP1m5KcDu3HfDXogqYlv9E7EFdj1fqvyM0fmGm9DaHrhc4OEW7DzWVZm_fO6YPXv7U-01lPUV7HiNjwNANCLmhQDjbo&sai=AMfl-YQz7HjfY72CS-BFdA_gVG4kUtoyKabv5UiSoDvRKp1oYt8W3YvSpqWIGNo0IVGt2N-a441MHEyQRUTZEvp3BuShjZBJYoarBqXRqOxupUjuXw4RKuH2qnFUyEY_9wc&sig=Cg0ArKJSzCTkA5JPr5IMEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 15:54:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6F33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgJTrzPxp6msFiXHB591A2lusIuQH5rd6tc1NOpho6pkKAjj2bIBpIB7KfHLnX17Q1qggGK1uiSmwWXiCsIqNz03UXhntgwdav7v4UiMzuwP9JKyvfYIthIMWyphTwaCGhiKSIDFqCTrmD1km14gtXD5MSb4j9wxwmcPagqR7wa7nyL3_tLUKHcB_pbU_A4eNqhafKBaMecqXILDkZVMPz4J5D_WVsO8VJDP-HozAXG-fn5uVyH8o9ooExKvgv9GRSYFbNpxUOUVoVjIGs5epEoPKb1FYQlCxbfZtbCFPPqnRddIV56FmAeMAHXC6nruuvJYAX96w-am20ewXcq5MkbWnWNr1GqjhzJcikBuvL_2A0PjAs8resRz2IhCVUQToObeEh4Es3exVVlBiPokuODqg&sai=AMfl-YS9pTNA581I8p8PhwYz1JpIUxJVglMxHOV0rsiCR4Q2jTqA0LTTnh4JrZ_2ZJU5kjlDHp2WA_rFTq7WQL25QWx88uk7qdLKBr_nHUfdCs_I-fEyn_8j-716GfuCA_U&sig=Cg0ArKJSzB10MHWE3yQlEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 15:54:58 GMT
ecm3
s.amazon-adsystem.com/ Frame 7DC7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gkm7juN7Sz68868N4c-EMg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gkm7juN7Sz68868N4c-EMg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gkm7juN7Sz68868N4c-EMg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FECNRGPRP1YECGSX3SQ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gkm7juN7Sz68868N4c-EMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
14f2833af82feb4c3bb41319cabc6617
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7DC7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W14MTWZK6HEHXHGQMDCX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRQJETK1-3-JHMR&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
14f2833af82feb4c3bb41319cabc6617
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7DC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJRSkVUSzEtMy1KSE1S
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPk2y814CTm4P9adklUZhjM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJRSkVUSzEtMy1KSE1S&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJRSkVUSzEtMy1KSE1S&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJRSkVUSzEtMy1KSE1S&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
14f2833af82feb4c3bb41319cabc6617
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7DC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ajRC0QBSl_SnQcEDi7QTIQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VsmyTIpE2oJkNW8c3bOFIDHuTa3XP6i8Gm6etg--~A
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VsmyTIpE2oJkNW8c3bOFIDHuTa3XP6i8Gm6etg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VsmyTIpE2oJkNW8c3bOFIDHuTa3XP6i8Gm6etg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7DC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN8ojNAH3IaY6rFadqMI-2c&google_cver=1
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN8ojNAH3IaY6rFadqMI-2c&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN8ojNAH3IaY6rFadqMI-2c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7DC7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QHM58QAESEWCZRB55JNS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7DC7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=&expires=30
date
Tue, 23 Jan 2024 15:54:59 GMT
server
Kestrel
content-length
289
setuid
px.ads.linkedin.com/ Frame 7DC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQJETK1-3-JHMR
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQJETK1-3-JHMR
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A38B4B443A4D4A85B9A7CB3009FC0A1D Ref B: CHGEDGE1119 Ref C: 2024-01-23T15:55:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPnvhcAG8DrU3P9abh4Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRQJETK1-3-JHMR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7DC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzBkMzUxOGQ2NmUxMWUwNzliNmRlYzA4YjVmZmY0NmY1Y2I1NGRhZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzBkMzUxOGQ2NmUxMWUwNzliNmRlYzA4YjVmZmY0NmY1Y2I1NGRhZg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzBkMzUxOGQ2NmUxMWUwNzliNmRlYzA4YjVmZmY0NmY1Y2I1NGRhZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7DC7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB7FU7LX8MAABL0ILIbdQ&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB7FU7LX8MAABL0ILIbdQ&expires=30
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB7FU7LX8MAABL0ILIbdQ&expires=30
Date
Tue, 23 Jan 2024 15:55:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 7DC7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRQJETK1-3-JHMR
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRQJETK1-3-JHMR
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRQJETK1-3-JHMR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
cksync
hb.yahoo.net/ Frame 7DC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRQJETK1-3-JHMR&redir=true
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRQJETK1-3-JHMR&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRQJETK1-3-JHMR&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OQ0ZrSnRsRTJ1RzRNdm44NjZPenZnVF96QnBNSk5Ibn5B&ovsid=LRQJETK1-3-JHMR&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OQ0ZrSnRsRTJ1RzRNdm44NjZPenZnVF96QnBNSk5Ibn5B&ovsid=LRQJETK1-3-JHMR&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.55.235.168 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-235-168.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 23 Jan 2024 15:55:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:00 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1OQ0ZrSnRsRTJ1RzRNdm44NjZPenZnVF96QnBNSk5Ibn5B&ovsid=LRQJETK1-3-JHMR&dpid=58160
date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
capi.connatix.com/us/ Frame 7DC7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LRQJETK1-3-JHMR&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LRQJETK1-3-JHMR&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LRQJETK1-3-JHMR&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84a137e9e99239ef-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRQJETK1-3-JHMR&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84a137e968b139ef-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
check
pixel.tapad.com/idsync/ex/receive/ Frame 7DC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LRQJETK1-3-JHMR
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LRQJETK1-3-JHMR
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LRQJETK1-3-JHMR
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LRQJETK1-3-JHMR
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 7DC7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9d813f7f-f811-48f3-85aa-0a9db2943f3d&expires=30
42 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9d813f7f-f811-48f3-85aa-0a9db2943f3d&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9d813f7f-f811-48f3-85aa-0a9db2943f3d&expires=30
Date
Tue, 23 Jan 2024 15:54:59 GMT
Connection
keep-alive
X-CI-RTID
9ae40020-23ad-456e-97cb-8035297b7682
Content-Length
144
Content-Type
text/html; charset=utf-8
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 7DC7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRQJETK1-3-JHMR
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRQJETK1-3-JHMR
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRQJETK1-3-JHMR&ckls=true&ci=t8viExOEnz&nc=false&trid=122938320
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRQJETK1-3-JHMR&ckls=true&ci=t8viExOEnz&nc=false&trid=122938320
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_ox-db5_an-db5_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
54.192.51.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-45.yul62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
hO6s_IXcrj6YehKQCwqbJQ3jCxc_M3spx0-vEXDHkULDyB3hIEpE9Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
via
1.1 5ba825173b1f7429171e730e7ae12588.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRQJETK1-3-JHMR&ckls=true&ci=t8viExOEnz&nc=false&trid=122938320
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
0dqfdQdjM59M-IvY5u-sETQsAfRSELCxG5r_C8AVFllyXLAeQFETzA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		50 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.92 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy06.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Jan 2024 15:55:00 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
e0a4db8779dc244a772e.js
sdk.mrf.io/statics/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/e0a4db8779dc244a772e.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab

Request headers

Referer
https://canoe.com/
Origin
https://canoe.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:58 GMT
content-encoding
gzip
via
1.1 c50e6c45c49371a5ebc690255500593c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
2768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 09:09:46 GMT
server
cloudflare
etag
W/"44ac276b251e58c5c7f65bad76e76963"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
84a137e5f8d83739-YYZ
x-amz-cf-id
dlwccy8743CUogxBQMzwXnnbLBElt_r5awCQJT3Ub3juuiCoHt5z1Q==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z8OS,time:2600,type:e,im:%7Bpci:%7Btdr:2006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2600,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2081~0%5D,as:%5B2081~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:559,sis:643%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z8Pr,time:2626,type:e,im:%7Bpci:%7Btdr:2006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2626,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2054~0%5D,as:%5B2054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:581,sis:651%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z8QA,pingTime:0,time:2706,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:558%7D,%7Bpiv:100,vs:i,r:,t:2706%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2706,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2187~0,0~100%5D,as:%5B2187~300.600%5D%7D%7D,%7Bsl:i,t:2706,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2187~0,0~100%5D,as:%5B2187~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:47,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:559,sis:643%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z8QX,pingTime:0,time:2720,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:580%7D,%7Bpiv:100,vs:i,r:,t:2719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:2719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2148~0,0~100%5D,as:%5B2148~728.90%5D%7D%7D,%7Bsl:i,t:2719,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2148~0,0~100%5D,as:%5B2148~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:581,sis:651%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://canoe.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2996 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.56.248 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-56-248.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 23 Jan 2024 15:55:02 GMT
ETag
"623de86a-cf34"
Expires
Wed, 24 Jan 2024 15:55:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBF3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46262
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 15:54:59 GMT
expires
Wed, 24 Jan 2024 04:46:01 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7CD0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 15:54:59 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame DA99 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19867c2253ae6db7117e7d1b83cf311e35a1b203b53ef68e66f9d4938ee0adbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
11724
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 15:55:00 GMT
expires
Thu, 25 Jan 2024 15:55:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 1186 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1162
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84a137eb3e1454bb-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 15:54:59 GMT
expires
Tue, 23 Jan 2024 19:54:59 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8A25 		199 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 23 Jan 2024 15:54:59 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 15:54:59 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9308ec43-e3ae-3f31-a291-3ead55bb98f8
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9308ec43-e3ae-3f31-a291-3ead55bb98f8
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Server
34.236.67.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-67-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-9308ec43-e3ae-3f31-a291-3ead55bb98f8
pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
cache-control
no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=548048c7-dad5-4ac1-b5fb-e227639bfb6c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:54:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HKGWKCSEE9SD6H3C0KT9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7CD0 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f37871d176a351c045bf481db13719ee75c202eac94523260600f762ac7276dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:54:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 12:31:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74198
Connection
keep-alive
Content-Length
10964
Expires
Wed, 24 Jan 2024 12:31:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7075 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTb_QvEIFC4ROVxDWr07viEJ5L5K-Tf6_uuD3qHOCTG7hTS6je9_MwmciFNG-EtrN1qQ1lbY7rKLQnj-ZdNFoukl4NJYWc3FvIEshtDWa3rIzgHOW8Bi4ydLZBItOkmJHIHCaatenL5TmL3pZunKiDBqHF&sig=Cg0ArKJSzPzq0j_DGNQvEAE&id=lidar2&mcvt=1045&p=109,436,199,1164&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1740580364&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706025295322&rpt=3350&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CBF3 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72385624&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:58 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F33 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZ7RGmE-yc4O0JUzLAx1psfaRbKi0zcB_OUNCYccKQl62qAQjl9uugfA6fk-zzucMlPUMF2dVo7i_NKwyor27fKG0SlAxkesUF6z-Cdlg4111KVYMXKqPTkt-CsX__I-4fegcCxa_vrl3LaHB2RdyQBpVi&sig=Cg0ArKJSzKzdynQKe6v4EAE&id=lidar2&mcvt=1010&p=322,1238,922,1538&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3708781197&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706025295283&rpt=3435&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9E35 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd6e613cf767c517108d5ec93ba8a08f1d399a5ad11748327be3668c159965b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84a137eb8a17a20b-YYZ
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 15:54:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u8R4PAU811uT5h%2FCbtKeQrxIEwQXr70gIAW5UBUYCGlnd%2B9syLv%2B7ardFmBlxVChjtAoEpdbCsztWoZbkxxvR20j56wpT%2BochgxkgqpMIwuA4kn%2Bsd379pktKWjy3gFE6WfdGv8yiVhXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.119.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-119-111.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://canoe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 23 Jan 2024 15:55:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.119.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-119-111.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:55:01 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
crum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za-hTsAd2z0o6YwhzgsgZwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKu3rL9OBLx86MaSS-c2VF8&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKu3rL9OBLx86MaSS-c2VF8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdNyhwCj429OzSAy99Qx%2FXfWt2tWRo2L6lhXBfmxhLKvT4gxmB%2BX12lzEMSHo0inrJGBmzDYeXQIkshwouWNcV9nMaDxZz9a66jY2NvmDEJDqzkHcknmlqAgWniu4X2PvINXOGqm9Ucz7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137ecdbf4a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKu3rL9OBLx86MaSS-c2VF8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7382765016243788889
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7382765016243788889
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIvggUZjQWpBwjyG3aaqhkcqfEpShr%2BDwF2ox9ybDx0JhppGXh3%2FSS84Chs%2Fp%2BtmYoijqKho%2BlLZlk7tSqvAL9T2DdRxYW7XKZdjJDhzOw8zXCH7z6OfR87oCoMcsWBmoHad%2FmfixxkrOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137ec4b44a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:54:59 GMT
an-x-request-uuid
437086c5-f2a5-412f-8fbe-46706188a494
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7382765016243788889
x-proxy-origin
62.3.36.140; 62.3.36.140; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9E35 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.147.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-147-189.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9E35
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
34.228.147.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-147-189.compute-1.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
date
Tue, 23 Jan 2024 15:54:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6090886847504423763&gdpr=0&gdpr_consent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6090886847504423763&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HscXbJsXPKeMBiqMAhVzxi6t%2BPjim6s8BdNKqDNxUQzLl872rlsIGRTcw1eKUkdGP8uCl3ePU8dS4gIodO%2BPa8nuHq%2FevNAWdTTLpGmbHmIKioTxq7mBsnP2noxzSgqgEWjwact10ccP9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137efa990a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=6090886847504423763&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 15:54:59 GMT
content-length
0
user-registering
ads.stickyadstv.com/ Frame 9E35 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1706025300190041-1164
rum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za-hVQAQqK4_RwBH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za-hVQAQqK4_RwBH&_test=Za-hVQAQqK4_RwBH
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za-hVQAQqK4_RwBH&_test=Za-hVQAQqK4_RwBH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL2c16pVou1dw1RTDt6Pt3cVX%2Bmnr0swf2H6rdhVQjIu3aKqbBsaxYTypTx64nHuR5cMG4tsmakWL90B3XnzVBD4twQP2CgenNrcrbw4rg1gvWRODOFbqpu44UyVvETRealtJFtQNSQOlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a137f4caf0a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-yyz4545-YYZ
pragma
no-cache
date
Tue, 23 Jan 2024 15:55:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706025301.219617,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za-hVQAQqK4_RwBH&_test=Za-hVQAQqK4_RwBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 9E35
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9762b539-d7c7-44db-90cc-9234b730d428&expiration=1737647707
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9762b539-d7c7-44db-90cc-9234b730d428&expiration=1737647707
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwoucRvE03BOWmhDOQPoDaU%2BBw8OPTW%2FMZ2g2A5MbZUZjGgjCNcWAJSZu77hCOhomQsQdZZjy7JmYncNA5q6OlC76K93nblBOGEB8%2BV5gejf7VrAuMbONA7Odzr0Wch7ve2QHBvSaxjlGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a138197ea6a20b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9762b539-d7c7-44db-90cc-9234b730d428&expiration=1737647707
Date
Tue, 23 Jan 2024 15:55:07 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9E35 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Za-hTsAd2z0o6YwhzgsgZwAA%263792
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcanoe.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:54:59 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
23901
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84a137ec0f2054bb-YYZ
content-length
43
expires
Wed, 24 Jan 2024 15:54:59 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z96J,pingTime:1,time:3707,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:558%7D,%7Bpiv:100,vs:i,r:,t:2706%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:2706,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2187~0,0~100%5D,as:%5B2187~300.600%5D%7D%7D,%7Bsl:i,t:2706,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:559,sis:643%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z96K,pingTime:1,time:3708,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:558%7D,%7Bpiv:100,vs:i,r:,t:2706%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:2706,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2187~0,0~100%5D,as:%5B2187~300.600%5D%7D%7D,%7Bsl:i,t:2706,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:559,sis:643,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26z96K,pingTime:1,time:3708,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:558%7D,%7Bpiv:100,vs:i,r:,t:2706%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:2706,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2187~0,0~100%5D,as:%5B2187~300.600%5D%7D%7D,%7Bsl:i,t:2706,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:48,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:559,sis:643,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z977,pingTime:1,time:3722,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:580%7D,%7Bpiv:100,vs:i,r:,t:2719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:2719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2148~0,1~100%5D,as:%5B2149~728.90%5D%7D%7D,%7Bsl:i,t:2719,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:53,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:581,sis:651%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z977,pingTime:1,time:3722,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:580%7D,%7Bpiv:100,vs:i,r:,t:2719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:2719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2148~0,1~100%5D,as:%5B2149~728.90%5D%7D%7D,%7Bsl:i,t:2719,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:53,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:581,sis:651,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26z978,pingTime:1,time:3723,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:580%7D,%7Bpiv:100,vs:i,r:,t:2719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:2719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2148~0,1~100%5D,as:%5B2149~728.90%5D%7D%7D,%7Bsl:i,t:2719,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:53,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:581,sis:651,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ecm3
s.amazon-adsystem.com/ Frame 28C6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ICkbiPZHHeqaHvfySAOVZpoc&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PGEWZKAB7HACFQTS8QDD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 28C6
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=ICkbiPZHHeqaHvfySAOVZpoc&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=880325447675
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=880325447675
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=880325447675
Content-Length
0
merge
ce.lijit.com/ Frame 28C6
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=7f918612-84ae-4d74-8302-b161ddf6a31e&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 15:55:00 GMT
server
Kestrel
content-length
223
merge
ce.lijit.com/ Frame 28C6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=DG2vwtTtrdBF-22vfB1M6YyOJdRe2UB_UQtW3H06gE8&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=DG2vwtTtrdBF-22vfB1M6YyOJdRe2UB_UQtW3H06gE8&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=DG2vwtTtrdBF-22vfB1M6YyOJdRe2UB_UQtW3H06gE8&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Tue, 23 Jan 2024 15:55:02 GMT, Tue, 23 Jan 2024 15:55:02 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
ads.avct.cloud/ Frame 28C6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx
0
0
merge
ce.lijit.com/ Frame 28C6
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LRQJETK1-3-JHMR&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRQJETK1-3-JHMR&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LRQJETK1-3-JHMR&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JPRDS7DYTE&gtm=45je41h0v880952826z8854753396&_p=1706025295239&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1123503880.1706025295&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=3&dl=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&sid=1706025295&sct=1&seg=1&dt=Puzzles%20and%20Games%20%7C%20Canoe.Com&en=page_view&ep.debug_mode=false&ep.gtm_version=55&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=puzzles&ep.platform=Cheetah&ep.platform_version=15.2.1&ep.fem_version=v94.0&ep.brand=Canoe&ep.timestamp=2024-01-23T07%3A54%3A55.812-08%3A00&ep.ga_client_id=1123503880.1706025295&ep.main_category=puzzles&ep.metered_content=false&_et=16&up.client_id=1123503880.1706025295&tfd=9136
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPRDS7DYTE&l=gtm_data_layer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://canoe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ Frame DA99 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
566528
expires
60
usync.html
eus.rubiconproject.com/ Frame 3169
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 15:55:01 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Jan 2024 15:55:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 455D
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Drkt%26refUrl%3D%26vid%3D602530093134902690093356480...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3490269009335648000V10&type=rkt&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=969751697225496346
231 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3490269009335648000V10&type=rkt&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=969751697225496346
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Tue, 23 Jan 2024 15:55:02 GMT
expires
Tue, 23 Jan 2024 15:55:02 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 23 Jan 2024 15:55:02 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3490269009335648000V10&type=rkt&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=969751697225496346
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 78E7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dpba%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=46261
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 15:55:00 GMT
expires
Wed, 24 Jan 2024 04:46:01 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us
sync.go.sonobi.com/ Frame DA99 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=son&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=[UID]
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:04 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-43
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DA99 		43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dopx%26refUrl%3D%26vid%3D60253009313490269009335648000V10%26axid_e%3D%26ovsid%3D
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame DA99
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dr1%26refUrl%3D%26vid%3D60253009313490269009...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5939798741
  • https://sync.1rx.io/usersync/tradedesk/7f918612-84ae-4d74-8302-b161ddf6a31e
  • https://sync.targeting.unrulymedia.com/csync/RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=r1&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=r1&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:55:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:01 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=r1&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005
date
Tue, 23 Jan 2024 15:55:01 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXba17f5ef210c49b7ae288e09adf5559f005
content-type
text/html
cksync
cs.media.net/ Frame DA99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ5MDI2OTAwOTMzNTY0ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEP3l24FyULbtMzttCccuHiI&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEP3l24FyULbtMzttCccuHiI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.160.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:01 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Tue, 23 Jan 2024 15:55:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEP3l24FyULbtMzttCccuHiI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DA99
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3490269009335648000V10%26type%3Ddxu%26refUrl%3D%26vid%3D60253009313490269009335...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=dxu&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=AqzA1y3t1Rsj715
57 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=dxu&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=AqzA1y3t1Rsj715
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:55:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:01 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:00 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-035372132987bad83@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3490269009335648000V10&type=dxu&refUrl=&vid=60253009313490269009335648000V10&axid_e=&ovsid=AqzA1y3t1Rsj715
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DA99
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31be1049-9c01-4c85-8803-eb6651fa5faa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
57 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31be1049-9c01-4c85-8803-eb6651fa5faa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:55:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=31be1049-9c01-4c85-8803-eb6651fa5faa&gdpr=0&gdpr_consent=&us_privacy=&gpp=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1263035
content-length
0
expires
Tue, 23 Jan 2024 00:00:00 GMT
sync
x.bidswitch.net/ Frame DA99 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:55:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame DA99
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=E9mh-UUThzA6rbkyGubs
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=E9mh-UUThzA6rbkyGubs
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:55:02 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:02 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=E9mh-UUThzA6rbkyGubs
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame DA99
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3490269009335648000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3490269009335648000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=c0f4ca35-e5ee-4437-9a17-a464a63ced7b&cs=1
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=c0f4ca35-e5ee-4437-9a17-a464a63ced7b&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:55:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:01 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=c0f4ca35-e5ee-4437-9a17-a464a63ced7b&cs=1
date
Tue, 23 Jan 2024 15:55:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame DA99
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f918612-84ae-4d74-8302-b161ddf6a31e
57 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f918612-84ae-4d74-8302-b161ddf6a31e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.52.160.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 15:55:01 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Tue, 23 Jan 2024 15:55:01 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7f918612-84ae-4d74-8302-b161ddf6a31e
date
Tue, 23 Jan 2024 15:55:00 GMT
server
Kestrel
content-length
199
usync.js
eus.rubiconproject.com/ Frame 3169 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f37871d176a351c045bf481db13719ee75c202eac94523260600f762ac7276dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 15:55:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jan 2024 12:31:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74196
Connection
keep-alive
Content-Length
10964
Expires
Wed, 24 Jan 2024 12:31:37 GMT
khaos.json
token.rubiconproject.com/ Frame 3169 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LRQJETK1-3-JHMR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
cksync.php
contextual.media.net/ Frame 3169
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LRQJETK1-3-JHMR
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRQJETK1-3-JHMR
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRQJETK1-3-JHMR
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUKB9454&prvid=2034%2C2033%2C2031%2C2030%2C550%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C2012%2C2055%2C172%2C3020%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2023%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 15:55:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 15:55:01 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LRQJETK1-3-JHMR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
async_usersync
ib.adnxs.com/ Frame 2996 		0
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:02 GMT
an-x-request-uuid
08d7e15d-622d-4bd6-af14-1ddd9412cb3e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.140; 62.3.36.140; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2996 		0
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:03 GMT
an-x-request-uuid
90d06bdf-14bd-4a7b-8add-ecf067f196d3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
62.3.36.140; 62.3.36.140; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=658db809-7846-8522-1de0-0f859fe76c00&tv=%7Bc:26za9f,pingTime:5,time:7707,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:558%7D,%7Bpiv:100,vs:i,r:,t:2706%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:2706,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:557,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2187~0,0~100%5D,as:%5B2187~300.600%5D%7D%7D,%7Bsl:i,t:2706,wc:0.0.1600.1200,ac:1238.323.300.600,am:i,cc:1238.323.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:53,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17*.928934%7C171%7C18.928934%7C181,idMap:17*,rmeas:1,rend:1,renddet:IMG.qs,siq:559,sis:643%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:04 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=9d8e29f7-8e70-b336-c608-81abe18edb48&tv=%7Bc:26za9D,pingTime:5,time:7722,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:580%7D,%7Bpiv:100,vs:i,r:,t:2719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:2719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:580,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2148~0,1~100%5D,as:%5B2149~728.90%5D%7D%7D,%7Bsl:i,t:2719,wc:0.0.1600.1200,ac:436.109.728.90,am:i,cc:436.109.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:49,fm:u2cAhxM+11%7C12%7C1311%7C1312%7C1313%7C1314%7C1315%7C1316%7C1317%7C14%7C15%7C16%7C17.928934%7C171%7C172%7C18*.928934%7C181,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:581,sis:651%7D&br=c
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.192.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-192-107.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:04 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:55:07 GMT
content-length
0
vary
Origin
esp
oajs.openx.net/ 		85 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fcanoe.com%2Fpuzzles%2F&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
22d9df1da6b72a887f5e092bdb4c42a9fec1ba5f6bfb5ef50635b98cb0f019b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:08 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-oXkTtYxvLsvejsWgLDzPZBYfmXo"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://canoe.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
map
bcp.crwdcntrl.net/6/ 		154 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.57.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-57-44.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
309a993498164265e77534ab120ab6575fe37f058b9c82b31716dd3e358458ec

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://canoe.com
cache-control
no-cache
x-server
10.40.10.195
access-control-allow-credentials
true
content-length
154
expires
0
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 15:55:08 GMT
content-length
0
vary
Origin
pd
google-bidout-d.openx.net/w/1.0/ Frame 7042 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Tue, 23 Jan 2024 15:55:08 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
encrypt
esp.rtbhouse.com/ 		221 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
951989bc87fb8d63be622ab62a9e5a33352f80947ed90041a24b1129772c07fa

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
6ff0c9ecd6eee79181fac3c913f06d45
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dw-check.html
experiences.mrf.io/passexperience/ Frame B24B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://experiences.mrf.io/passexperience/dw-check.html?v=6
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1315532
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
84a13825fed9a1fc-YYZ
content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 15:55:09 GMT
last-modified
Mon, 08 Jan 2024 08:31:32 GMT
server
cloudflare
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401220101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
704c5c5d43e23afed88de0125045033be916830d02ae45b87afe2d1c7004ec99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12364
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 95D9 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=canoe.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 15:55:08 GMT
server
Kestrel
server-processing-duration-in-ticks
1709649
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ingest.php
events.newsroom.bi/ 		2 B
773 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.92 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy06.cl11.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://canoe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://canoe.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
ribn.min.js
assets.ribn.com/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/production/ribn.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKM4ZNQ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
content-encoding
gzip
via
1.1 e2bc53c67d7a4b6beae25c798d638b10.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-P2
age
4248
x-cache
Hit from cloudfront
last-modified
Wed, 28 Oct 2020 14:49:59 GMT
server
cloudflare
etag
W/"6b213f30955b664fd78dc9e388b17e54"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
84a138267acaa1f3-YYZ
x-amz-cf-id
m7WUmKYv2kNXJsLERUE4hl9A4_3Lp6sMHfkHLjyIT_G_JWLT_afVTw==
expires
Tue, 23 Jan 2024 19:55:09 GMT
ribn-postmedia.min.js
assets.ribn.com/v2/production/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ribn.com/v2/production/ribn-postmedia.min.js
Requested by
Host: canoe.com
URL: https://canoe.com/puzzles/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
content-encoding
gzip
via
1.1 4c6036e1a9755ebb992fa03bf694150e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
YUL62-P2
age
4820
x-cache
Hit from cloudfront
last-modified
Wed, 01 Sep 2021 18:06:03 GMT
server
cloudflare
etag
W/"baaa6497dd2dea88d8fdb6d6cca08cf2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
cf-ray
84a138267ad0a1f3-YYZ
x-amz-cf-id
XOlY-aAtOALPB19btHduDpnoUTOHvdH_-G9TjhuUtS3G16v7sBhW9g==
expires
Tue, 23 Jan 2024 19:55:09 GMT
json
gum.criteo.com/sid/ Frame 95D9 		433 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=canoe.com&sn=ChromeSyncframe&so=0&topUrl=canoe.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=canoe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5d01b6f098a1ebb8e78b398f88278a15a6573d3a5dfb8d98751aa7fcf85034a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=canoe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 15:55:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
998861
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401220101/pubads_impl.js?cb=31080610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 15:55:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BC6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
221358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 02:25:51 GMT
expires
Mon, 20 Jan 2025 02:25:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 711B 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
GSE /
Resource Hash
cdbdba5d00abc7568d598dd6509509044dd299602073273da6649c81f328e35e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xZV_LjAl1HDn7utw3hbtPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canoe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xZV_LjAl1HDn7utw3hbtPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 15:55:09 GMT
expires
Tue, 23 Jan 2024 15:55:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 711B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401220101&jk=1870782313095608&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 5BC6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 02:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
220537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Jan 2025 02:39:32 GMT
generate_204
tpc.googlesyndication.com/ Frame 5BC6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ngm7Mg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:55:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401220101&jk=1870782313095608&bg=!TU6lTgHNAAa8BdJLnAU7ADQBe5WfOO2I8JFrx4qCfA7JPiQdMFSOFAI0b8voVG43OGoiodrWof0q5Y1wxmIpFRS8I6OrAgAAAGlSAAAAAmgBBwoAPaEXV3HSO9EuMlyG5z-tLbWb0qFJv6WlZFUhcKMpCLmy9weVlvSXGGH6egeOzzIolm5xUaYR45xMM7NZTQqZArZJz-SUcwFYxpjr0DcmDR-7pVSr-sXKARBaulZGpCzJbpCU2Zwcco1tSU0wjlRjCLmgPx7WRAnJPfQ0BGcDTXz32WOePpY_1SpThB3qj4tYlhr9IPZrLLddDdihgVEi8vMQ_kIjcKns_dq3PvmasURhDN9ElKbuKX-M1i4YbQaR9_2U30pQhaRVhgNtjI-EJXL32rlpJnFCmjV5VpL6qLbTWXey-O1B-OBryhqCbYRu13MfRE61po9AdrHBGZAznwcN92yeGeuDEVT_8TR05lALo5ck8vnzr1J_a0mmDEx0b1pS2knXE_EtySKcxMcG5RJ-za-4H1zRyiX_epm8DPExzKA3WpwzFnyfF_8ywD2V1tCxIYftrizjH9pK0NovbHsN0NDVA4gkeQXSQEELPQ0FEHkdsECFv3N9jl4qzlD7n7WGk5_4xLVvs-5eZ5r2PZprrf6f_KNA7vs7EuVA1copBPKW6vyz1r_Wg_lCmanTYBW0Uwx2CNsf6fdrzRluOko8hRH7X5k8SNlYYkb23XbMVptYnkunY4odyi-afAZPoBiM3ZxZYiOYps_hJUWFFxvPCk1yP0amCrzX7-1enIYoc3iSz4j1_ZqYvqbvhl0ufW7Oy4o0Y-M2Kwlu7AUj9CNi1gz882TYp6O8YC2dW5FGkTzz2x5wS3ay3eqjUeWmkKmaToYUyZFEesnu4P5Kfmiibq5qu16YrdOsIUMJ6IFLbZsVZYHU5F9OxJCnnTAp7UoKU3cRjCn9fgI_FtfqPvHrrlkXzO8UrXmNnjKGhFmqZY_KSzQoi5_QhYOFGrR9xdbD-cLd1u1zkG9fjC9e5FfcVGlDHKHNev1mh9fy0Sg_uGVkD_HSsgNfWFqJb95ibURNhRPLIaVWxg1NK7j80bWZxqIaxWc4vW_S0yrRpVpHcf_80axs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://canoe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.23.0
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
c2shb.pubgw.yahoo.com
URL
https://c2shb.pubgw.yahoo.com/bidRequest
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901911
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| setNptTechAdblockerCookie object| script object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| jwpServices object| jwplacements object| _comscore object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs string| amuCustomerId number| amuSubId string| amuKey string| amuEmbedType string| amuTemplateType object| GibberishAES object| UU number| totalChunks string| enc string| e_enc object| j function| iFrameResize object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash function| handleLiveTapResponse function| __spreadArray function| CXBootstrapLoader function| identifyRootURL function| generateDebugLog object| webpackChunkdjango_content_services object| htmx object| BlockAdBlock object| blockAdBlock undefined| google_measure_js_timing object| COMSCORE object| ns_p function| CXBootstrapper object| ms string| iasScores object| Criteo object| __permutive object| PublisherCommonId number| google_unique_id object| gaGlobal object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| Criteo_identitytag_149 object| vf object| vfQ boolean| femCePnIdReadyTriggered object| dataLayer object| mParticle object| gtm_data_layer object| google_tag_manager function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag function| _33AcrossIdMappingsProvider object| _33across object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mpartical object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect object| __IntegralASExec function| _typeof object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| signal_decrypted object| Ribn object| GoogleGcLKhOms object| google_image_requests

146 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARCFFwoGCKIBEIUX
.canoe.com/ Name: pbjs_sharedId
Value: b704dcc8-5f0e-491f-aa6a-7ed14c8d5d10
.canoe.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.scorecardresearch.com/ Name: UID
Value: 10F13772a2a3e37715599651706025292
.canoe.com/ Name: permutive-id
Value: 740ce053-11a9-481b-a7fa-a8b00aa5c7fb
canoe.com/ Name: __adblocker
Value: false
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
canoe.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1706025292786,"mac":-1093577178}
.adnxs.com/ Name: XANDR_PANID
Value: op447Pn1Ki_c01YiwceCFi1MFmAF_kCAS7sJpo-ic_hr2RneiVKfvF6Yg-pzWgbs2fxaKC8a3YC90RiT76K0rACDd4IIYSnVY3jzjxwf1g8.
.adnxs.com/ Name: icu
Value: ChgI-8pGEAoYASABKAEwzMK_rQY4AUABSAEQzMK_rQYYAA..
.adnxs.com/ Name: uuid2
Value: 7382765016243788889
.sharethrough.com/ Name: stx_user_id
Value: c7f9f483-0984-41e6-ab38-47d409b7adab
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 7a2d7a02-fbd7-47a1-a78a-1e39b6c82283
.rubiconproject.com/ Name: khaos
Value: LRQJETK1-3-JHMR
.amazon-adsystem.com/ Name: ad-id
Value: A5YESZDCbEd6mLLAGAQXGCw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: Za-hTsAd2z0o6YwhzgsgZwAA
.casalemedia.com/ Name: CMPS
Value: 3792
.casalemedia.com/ Name: CMPRO
Value: 3792
.mathtag.com/ Name: uuid
Value: 878e65af-e14e-4d00-8a20-c231dd793b4c
canoe.com/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"j9mw1m1sisvkwjeq3579ov3n9k5od0hs7fgvgmywj","updated":1706025295232},"exp":604800000,"ts":1706025295232,"mac":777053449}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"adLightDisabled":true,"id":"j9mw1m1sisvkwjeq3579ov3n9k5od0hs7fgvgmywj","updated":1706025295232},"exp":604800000,"ts":1706025295243,"mac":777054441}
.doubleclick.net/ Name: IDE
Value: AHWqTUkulcCVyb5umK1lfnorUY98jvuss8nErOOQq0sC0YX3h43OizJWb7s3u2AE9m0
.canoe.com/ Name: __gads
Value: ID=b97dd45f6378c362:T=1706025294:RT=1706025294:S=ALNI_MZegXkVOo4EQ4ZHBoMpSGGttwPJHQ
.canoe.com/ Name: __gpi
Value: UID=00000a09033ba89b:T=1706025294:RT=1706025294:S=ALNI_Mae_8vgxNvCi9EWW5Y4mr3_KMtspg
.canoe.com/ Name: _ga_72QH41ZTMR
Value: GS1.1.1706025295.1.0.1706025295.60.0.0
.w55c.net/ Name: wfivefivec
Value: AqzA1y3t1Rsj715
.w55c.net/ Name: matchcasale
Value: 5
.canoe.com/ Name: _ga_JPRDS7DYTE
Value: GS1.1.1706025295.1.1.1706025295.60.0.0
.openx.net/ Name: i
Value: 7c050e1e-1748-0592-1012-31b80af10e28|1706025295
.canoe.com/ Name: _gcl_au
Value: 1.1.500290683.1706025297
.turn.com/ Name: uid
Value: 8109771040243830765
.canoe.com/ Name: _ga
Value: GA1.2.1123503880.1706025295
.canoe.com/ Name: _gid
Value: GA1.2.1928666750.1706025297
.canoe.com/ Name: _gat_UA-213173459-13
Value: 1
.canoe.com/ Name: _gat_UA-138335866-20
Value: 1
.canoe.com/ Name: _ga_GLBG5PB1H0
Value: GS1.2.1706025296.1.0.1706025296.0.0.0
.canoe.com/ Name: _fbp
Value: fb.1.1706025296865.1807733250
.viafoura.co/ Name: VfSess
Value: 0ssjmfhp48ns1kdsa64ov8cf8s
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005%22%7D
canoe.com/ Name: _vfz
Value: canoe%2Ecom.00000000-0000-4000-8000-fbf6c20ee327.1706025297.1.medium=direct|source=|sharer_uuid=|terms=
.canoe.com/ Name: _vfa
Value: canoe%2Ecom.00000000-0000-4000-8000-fbf6c20ee327.806c885c-8d05-4e3d-aff7-9cb74acaf57d.1706025297.1706025297.1706025297.1
.canoe.com/ Name: _vfb
Value: canoe%2Ecom.00000000-0000-4000-8000-fbf6c20ee327.2..1706025297....
.canoe.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'42231d53-2606-499e-935b-78b7f2d46f1a'|'das':'23ae0803-f3c4-4e1d-e3d9-e703ffe612a2'|'csm':'WyI0NTQyODI2NDI2MTkwNDc4ODA5Il0='|'sid':'051ED3D6-E621-444E-81CF-698C915FED96'|'les':1706025297727|'ssd':1706025296434}|'l':1|'4542826426190478809':{'fst':1706025297609|'ui':'eyIwIjoiajltdzFtMXNpc3Zrd2plcTM1NzlvdjNuOWs1b2QwaHM3Zmd2Z215d2oifQ=='}|'cu':'4542826426190478809'}
.canoe.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://canoe.com/puzzles/%22%2C%22sref%22:%22%22%2C%22sts%22:1706025297958%2C%22slts%22:0}
.canoe.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=8935fe1c-7b20-4928-9b5c-2dba411315fe%22%2C%22session_count%22:1%2C%22last_session_ts%22:1706025297958}
.viafoura.co/ Name: vfDeviceId
Value: 2086deac-8974-49d8-8a3b-275fdc643ed4
.canoe.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1706025298%2C%22currentVisitStarted%22%3A1706025298%2C%22sessionId%22%3A%2268da51d8-7bb8-4b9a-a0a9-cd9e18cd0221%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//canoe.com/puzzles/%22%2C%22referrer%22%3A%22%22%7D
.canoe.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1706025298%2C%22userId%22%3A%220ec80569-aadc-4744-8c5b-3351f98dfe49%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1706025298%2C%22timesVisited%22%3A1%7D
.canoe.com/ Name: compass_uid
Value: 0ec80569-aadc-4744-8c5b-3351f98dfe49
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 4b6658f6-227b-4613-a5d8-c6a46ee3c408
.prebid.a-mo.net/ Name: sd_amuid2
Value: 4b6658f6-227b-4613-a5d8-c6a46ee3c408
.tapad.com/ Name: TapAd_TS
Value: 1706025299221
.tapad.com/ Name: TapAd_DID
Value: 9ddcff08-0b1d-4d12-b73d-0123ff41f490
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ipredictive.com/ Name: cu
Value: 9d813f7f-f811-48f3-85aa-0a9db2943f3d|1706025299353
.connatix.com/ Name: cnx_userId
Value: 09fff14638bd44d7a7b805afe53768ff
.primis.tech/ Name: csuuid
Value: 65afe15372882
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: t8viExOEnz
.adsrvr.org/ Name: TDID
Value: 7f918612-84ae-4d74-8302-b161ddf6a31e
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-9308ec43-e3ae-3f31-a291-3ead55bb98f8
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2gcf:19e0~2gcf:175w~2gcf"
.yahoo.com/ Name: A3
Value: d=AQABBFPhr2UCEKAGiQM_Yt0LY5o2vog0JNgFEgEBAQEysWW5ZSXaxyMA_eMAAA&S=AQAAAiLtyyTH0EbpvNxFP5JUpDs
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMkNhSVRO
.intentiq.com/ Name: IQPData
Value: 1040393356#1706025300028#0#1706025300028
.intentiq.com/ Name: intentIQCDate
Value: 1706025300036
.intentiq.com/ Name: ASDT
Value: 0
.ads.stickyadstv.com/ Name: UID
Value: ab9c488855135b27793ce2c97676f6f
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Za_hTsAd2z0o6YwhzgsgZwAADtAAAAAB
.smartadserver.com/ Name: pid
Value: 6090886847504423763
events.newsroom.bi/ Name: 1528_u
Value: 0ec80569-aadc-4744-8c5b-3351f98dfe49
events.newsroom.bi/ Name: 1528_s
Value: 68da51d8-7bb8-4b9a-a0a9-cd9e18cd0221
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
.hb.yahoo.net/ Name: visitor-id
Value: 3490269009335619000V10
.hb.yahoo.net/ Name: data-mag
Value: LRQJETK1-3-JHMR~~63
.lijit.com/ Name: ljt_reader
Value: ICkbiPZHHeqaHvfySAOVZpoc
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDcwNzI2sTQw0FEyM0PlW6DxjSB8MwMzC1Mw3xzCNzM2MDQwqAUAlgoQLg%3D%3D
.lijit.com/ Name: _ljtrtb_27
Value: 7f918612-84ae-4d74-8302-b161ddf6a31e
.acuityplatform.com/ Name: auid
Value: 880325447675
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFGTWEDG5KYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRk1hAxuSj3RoaXJkUGFydHlVc2VySWRXSUNrYmlQWkhIZXFhSHZmeVNBT1ZacG9j+/uGdmVyc2lvbsL7
.media.net/ Name: visitor-id
Value: 3490269009335648000V10
.lijit.com/ Name: _ljtrtb_66
Value: 880325447675
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: AqzA1y3t1Rsj715~~8
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIzq7q-7WNzjwQBRgBIAEoAjILCP7M-rTMjc48EAU4AVoLYWRjb25kdWN0b3JgAg..
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Za-hVQAQqK4_RwBH
.mfadsrvr.com/ Name: tuuid
Value: c0f4ca35-e5ee-4437-9a17-a464a63ced7b
.mfadsrvr.com/ Name: c
Value: 1706025301
.mfadsrvr.com/ Name: tuuid_lu
Value: 1706025301
.mfadsrvr.com/ Name: ssh
Value: !medianet,1706025301
.media.net/ Name: data-r
Value: LRQJETK1-3-JHMR~~1
.media.net/ Name: data-r1
Value: RX-ba17f5ef-210c-49b7-ae28-8e09adf5559f-005~~8
.media.net/ Name: data-ttd
Value: 7f918612-84ae-4d74-8302-b161ddf6a31e~~1
.media.net/ Name: data-g
Value: CAESEP3l24FyULbtMzttCccuHiI~~8
.media.net/ Name: data-mf
Value: c0f4ca35-e5ee-4437-9a17-a464a63ced7b~~1
.liadm.com/ Name: lidid
Value: 91e6910f-6b77-4f44-b8d4-ef812555a35d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2f6d7481-d3ef-5079-6e21-b8ee5c492a9e.t35Foylv9j7yri0rmCSy0cFw0aovC7dUaRbXV4CCv8k
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2f6d7481-d3ef-5079-6e21-b8ee5c492a9e.t35Foylv9j7yri0rmCSy0cFw0aovC7dUaRbXV4CCv8k
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AL210gdPvUHluIbjuXEkqnj4DJIw.Wiwtz31TN2MYGWFx4CApT8D9lmxs7EtoBPZbkWiMLJc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AL210gdPvUHluIbjuXEkqnj4DJIw.Wiwtz31TN2MYGWFx4CApT8D9lmxs7EtoBPZbkWiMLJc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIH21XSwrSEsJNKePDg2SsHB9BY9LXh0PNcZNiUSeZzHzEHwYBCDVwr-tBjABOgQ7vvenQgT7Tjsw.31Y425avIW3C%2BOLzmXxLb0WOIGjRUpUIrP77jv59cl0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIH21XSwrSEsJNKePDg2SsHB9BY9LXh0PNcZNiUSeZzHzEHwYBCDVwr-tBjABOgQ7vvenQgT7Tjsw.31Y425avIW3C%2BOLzmXxLb0WOIGjRUpUIrP77jv59cl0
.bidswitch.net/ Name: tuuid
Value: 4f04ce51-0ac9-45dd-88ea-a31436a7c9fa
.bidswitch.net/ Name: c
Value: 1706025301
.bidswitch.net/ Name: tuuid_lu
Value: 1706025301
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_80
Value: LRQJETK1-3-JHMR
.creativecdn.com/ Name: u
Value: POfMzbbi009lHhXQy0yF
.creativecdn.com/ Name: g
Value: POfMzbbi009lHhXQy0yF_1706025302009
.creativecdn.com/ Name: ts
Value: 1706025302
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDc1BBJGRqYmlmbGJmZCfIa6SUbhBs6ViT4u2W4-AIozqXkkAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDc1BBJGRqYmlmbGJmZCfIa6SUbhBs6ViT4u2W4-AIozqXkkAAAA
.lijit.com/ Name: ljtrtb
Value: eJwNyjEOgCAMAMC%2FdLYJhdJWdxODOkj8AAb4hPHvsl7uBRFYwMwFH5lVNMIEXodpn8mEPBqXhlyV0YLz%2BJBQrV1KoDauuXGPfKX13gkDpu3M8P1g8BRx
.lijit.com/ Name: _ljtrtb_86
Value: DG2vwtTtrdBF-22vfB1M6YyOJdRe2UB_UQtW3H06gE8
.media.net/ Name: data-rk
Value: 969751697225496346~~8
.zemanta.com/ Name: zuid
Value: E9mh-UUThzA6rbkyGubs
.media.net/ Name: data-ze
Value: E9mh-UUThzA6rbkyGubs~~1
.rezync.com/ Name: zync-uuid
Value: 420bbdb5-c637-400e-8aa0-8d82cb81fffc:1706025303.4901533
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByRWAMAgFwIvt4PtsCdpNIKEQK3fmu6YJMnc61dBJBhyKtUCxQyqDu7tenhgQV-htD9hVfxa9W3I6AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsRWAIAwFwAmsmCO8n4RAdBsCMpClpZNa-izvrtSKIGKG0ajaqAAnee8gny4jnNda4-CGCjGF5rKDTfVO25dW-flbXqCg9CpaAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNykkKwzAMQNG7aB0X2fJ8meBBBtMmLXG6acjd682HB_-C9cPHlnbeT4jn8eUFyqtPDYgXjP7b-AkRgg3OyBmljA6WtIV7gcFj9Pe-9joXrTDnmo0olpzQiCx8Sih89apkL1trJUqHFpUhpIcOKA0R3H-kKyXv.Za_hVw.GFng-1NrYxMmQOzEkhBM3IQHMU8
.rlcdn.com/ Name: rlas3
Value: +Kv8yW+cyjIrE6ustAKPm296gFcvXgrVwlHW0NsFAZU=
.rlcdn.com/ Name: pxrc
Value: CNfCv60GEgUI6AcQABIGCLrqARAA
.criteo.com/ Name: uid
Value: 31be1049-9c01-4c85-8803-eb6651fa5faa
.go.sonobi.com/ Name: HAPLB8G
Value: s8643|Za/hW
.media.net/ Name: data-c
Value: 31be1049-9c01-4c85-8803-eb6651fa5faa~~1
.media.net/ Name: data-c-ts
Value: 1706025304
.bidr.io/ Name: bito
Value: AAB7FU7LX8MAABL0ILIbdQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEEJXQr8OEiCJ1pv7+yD2j5lqjpaGyhhoETkO5V+MI7zZzQ6wVyzhJlaNgdOVL2Yy+r60Q0SmvShnoebD9XI3Kh
.linkedin.com/ Name: bcookie
Value: "v=2&e3bb0476-db3b-4837-8bb5-7fab1f6e109b"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3142:u=1:x=1:i=1706025306:t=1706111706:v=2:sig=AQFtxrRgL4g92uuUwxC2OLHZgNhZQmo7"
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 9762b539-d7c7-44db-90cc-9234b730d428
beacon.lynx.cognitivlabs.com/ Name: ss
Value: ZeiCpWKgl%2FNYUTmXQbePUQ64JHyCFf4hUFQCOWEfIddgLJ5moem1%2BJ4p9kHhx0PNUnRu2xqu0qing13tHspOgA%3D%3D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a291e7704cf18699481512c2242c1d4
.canoe.com/ Name: _cc_id
Value: a291e7704cf18699481512c2242c1d4
.canoe.com/ Name: panoramaId_expiry
Value: 1706111708227
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.canoe.com/ Name: cto_bundle
Value: 92uPP19hOElIMW1xdmlRcmxmUXlDU0FtJTJCMmlORU41WTVQNDN3UkdnSUNYaXY4WXl4U0M0UTU1JTJCN3E0N25xb1h3MFRkaHd6aTZtU1JaallXejB3Rlp2SFBRZU0xQTR6RFhwcXpTblJ4Y2d0djcxSyUyRmNLS1IxZ1doRTJGJTJGMlF0RDVFZmFTRUlpTGplOGVYMmwlMkZlaUFJenJhd2lBJTNEJTNE

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://canoe.com/puzzles/
Message:
The resource https://ak.sail-horizon.com/spm/spm.v1.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
499d3b7db2319274d6f226ea3609c74f.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ak.sail-horizon.com
analytics.google.com
ap.lijit.com
api.fouanalytics.com
api.permutive.com
api.viafoura.co
assets.ribn.com
auth.lrcontent.com
avatar.amuniversal.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
canoe.com
capi.connatix.com
cdn-ima.33across.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.lrcontent.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
contextual.media.net
creativecdn.com
cs.media.net
d.turn.com
data.adsrvr.org
dcs-static.gprod.postmedia.digital
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edge-auth.microsoft.com
entertainment.service.amuniversal.com
esp.rtbhouse.com
eus.rubiconproject.com
events.newsroom.bi
events.qortex.ai
experiences.mrf.io
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
google-bidout-d.openx.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.rlcdn.com
image6.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
live.primis.tech
live.rezync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
micro.rubiconproject.com
oa.openxcdn.net
oajs.openx.net
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
placement-prd.jwpltx.com
pm.w55c.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prebid.media.net
px.ads.linkedin.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
ssbsync.smartadserver.com
ssl.p.jwpcdn.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
tags.crwdcntrl.net
tags.qortex.ai
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
ads.avct.cloud
ap.lijit.com
c2shb.pubgw.yahoo.com
htlb.casalemedia.com
rtb.openx.net
104.17.119.17
104.18.35.167
104.18.36.155
104.18.4.235
104.18.41.104
104.18.41.170
104.18.5.235
104.21.50.90
104.26.0.62
104.26.1.62
104.36.115.111
108.138.128.124
13.107.42.14
13.107.6.158
13.225.195.35
13.225.195.7
13.225.63.53
13.226.34.6
13.35.93.67
142.250.65.162
142.250.65.226
142.250.65.227
142.250.80.14
142.250.81.226
142.251.32.100
142.251.40.129
142.251.40.234
142.251.40.98
142.251.41.1
142.251.41.3
142.251.41.8
147.28.146.89
151.101.1.229
151.101.130.49
151.101.2.114
151.101.2.133
151.101.66.133
157.185.170.144
172.253.63.155
172.64.142.6
172.64.145.177
172.64.149.180
172.64.97.32
172.67.159.162
18.164.101.60
18.164.96.10
18.204.119.111
18.238.63.215
18.238.80.80
185.184.8.90
199.38.167.130
216.239.38.181
23.1.200.228
23.105.12.170
23.205.2.235
23.47.170.102
23.51.56.248
23.51.57.13
23.52.160.28
23.55.235.168
23.56.162.28
3.161.212.32
3.161.213.102
3.209.220.168
3.214.92.171
3.225.218.10
31.13.71.36
31.13.71.7
34.102.146.192
34.107.254.252
34.111.113.62
34.117.147.204
34.117.54.29
34.120.107.143
34.120.63.153
34.195.72.146
34.228.147.189
34.231.250.139
34.235.214.237
34.236.67.173
34.237.166.49
34.96.70.87
34.98.64.218
35.174.57.140
35.190.39.111
35.207.24.140
35.211.178.172
35.241.9.51
35.244.154.8
35.244.193.51
35.71.131.137
50.116.194.21
50.116.194.23
52.21.192.107
52.46.130.91
52.71.57.44
52.73.63.104
52.85.61.109
54.144.144.142
54.146.129.87
54.152.50.166
54.192.51.102
54.192.51.120
54.192.51.124
54.192.51.34
54.192.51.45
54.192.51.72
54.208.16.196
54.86.68.242
57.128.96.92
63.251.28.233
63.251.86.50
64.202.112.31
66.6.101.151
67.220.226.238
68.67.179.87
69.166.1.34
69.194.240.13
69.90.254.78
74.119.119.129
74.119.119.131
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.81
8.43.72.32
8.43.72.97
8.43.72.98
99.83.181.31
003697687a91a4c94c45dcd9a5682f23415a371147b7519a14742778de4e1ed3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04135c5b70e3493cd29355bf4c6550403584b8c6d7ad35bdc22ebbf9d3d0ff63
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d49e260f4932cb1977affa17d7430db79047b2d4b44b871b9ee9f2583d0e7a
08a6364cc8a5ea74bba1d5286957fc821d303eacb1608e08537f0306f354bafa
0a633cd18a8ef38d694ec323dfd22731854e161f2ebee27b2eb9870a7df78980
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e46ee4a6e1b3ba80a47d37a1f99e557789870e48f0fcd4a8b6b3d8092620b09
0fe7bdc0165328e62bba4b1c7f4b6f901256dfb0b846b9a2eb5ca6c77c333ac6
1002879872b70abe372a7755d3967607e42b96cb9f40e918994e7fcd7c4cc287
10e818cfd743cbe48191a4032bce71298af986268b0f1fb0f8f67a3421cd9989
1140c2d2f752a7f86e08b5880a1d1742b21da4154af6910c30b644f75d62deaa
115c8f8f8704f0a12c47f478200552a56fef3d60efec25acbfcd3d2972901027
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
164adc208b6b0d04e6cc27dbd9e7eb3d50b7744bedd1a57e99a759020b859356
1663536a0460d18689e8e0d827236fbb61fe5763e4ab68896554d5184053c460
183ffa7e0283d699f7542bb054a9065be7e2ab542d38e3b572f19ac22b124fa5
19867c2253ae6db7117e7d1b83cf311e35a1b203b53ef68e66f9d4938ee0adbd
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a7d3eb569755680705ab58c29b11a63128ed10e00ab46d95a8c21eb09615cbc
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d023b0c47cf8aa344819e1eac27eaf2c5d0a135e53d00575590510b66b1b6f5
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2134742a119db4aaaa1b97530e584110627c9024c1c8e8301375238ea92b687d
22d9df1da6b72a887f5e092bdb4c42a9fec1ba5f6bfb5ef50635b98cb0f019b4
24b3a7ad7a59827d0c649df99aadd395e939cd0669630d65caf1bfb187f2cb74
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bb9644bec25e7946e993c4bded8215f74452c1ab31249abd1716608a4299193
2d91504858b1adf23a9a4605b6a1ba64a5c8358d22bd070b521d6d3624e4ddd7
309a993498164265e77534ab120ab6575fe37f058b9c82b31716dd3e358458ec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31bb647caffd6b5e814011355c22ad1cc15ca16e82a9bc64c887a3b1a3aa70b8
3346651e72fac1f52c025219b309a2fb16cf6037e8df0e840cc0b7a8c9f6db94
335ef37710542935e01c9b9a594d6af7a7cfab349a9ad70b70d221a69f7e4163
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
34fb702bca2091bfa8e6524fce26c7dc195250859b6ee4b48ddeac91df31b040
39cabe05090809af9c4724beac26627c05a535d176f937294c8397970c44b8fd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e80addd74a44579cc08ffc12989b8ab8dc136713c977c6da3aed5369b752409
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7c2b147316b3286f816d1d85c0d2c539ce8be5b6b851443f5bc0c6274a03f1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4049d1aa81f1350993a0d316870aef271f5a3c577a173c85ea60027aeae34a79
40e562e806ce113ae7879d0dd76db82797b5c274794751c260381f2c8b283641
41fa01c782917e3f2c7ec4c60602f471ee628280908b71da13d4b127626ac85b
425601138b5cddecfc3f3e8cadbdfafbd54ea39cb6e1159e589ebd69e0d9b7eb
42716b1e53a7779105575276cedc2e75677bc64e77b0a712bc0d48e2479abd98
42d9ba8ca9a5e2d3bd725d12d77341070d3ad39ca467d787d2bc2bca6b9c5f67
43a42702c59bc37d11cb776ffd904de25fe945c6028ef290dabfd0e977a88366
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4ce08de85bbd18152308e95bb8f79035e6198250b775bf52a4cd74b8c88480b0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e68ac0015808af69b71d59431594ddf3ff4f02a3cd18a96e3304fa29ae5d4dd
5303c8ddb93f86667638b4dbf4605472121f0d8316719e30e2936f5e9c807010
53c4cb755798eca54dbf247c0a96d46dd958da8ed9bac079c299085f40d8b41a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e2dcc70dcb2cd2dd134dcbfc9ea460d3dce79a667191d9618bb708f9619c63
56270e9e004db8efacc195a58790c8d397f757832b0f40a48e825d8f0fe7712f
5ac5a8239722a227c64ea9eff7889359f985d60db0f38766a47e159856bb62f9
5af8716da375c22814f1f4b9b13e9e8239a54be1f95c6e2af7bb983a2410ba5c
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5d01b6f098a1ebb8e78b398f88278a15a6573d3a5dfb8d98751aa7fcf85034a1
5d6a8530a31773fd2af9ff271927f136fd4f13b8ddb1613d75c5852ec99b8482
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ad8774812be6d5ba993fc09a10b2d4daf6bbf2c4290447e0835dc3c31069ae
64bd62679fbefcfd46fb16c93bccda65b4716fdb1714a7d0912f14601dc082e2
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
676692567f126a1321ba018fdf5d5994d9e62298ca701ecaf432b8bb696310d2
68834f66060897ebf03e663ab5d56027ed4e97a39a8a050d78ab67bbe5331ed8
69a53ae8e402a25abc88acf3fba1840ae7e371df38eee6dc6fc319462f7c2a88
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6d32918bdff1efa5aecbea0f90be6b95f7a2362e756128dcebec35bfa16a640a
6d8a95865dcb3e61f0864905400978ea023346683fdaaab5742adc81f7b03c3e
6daae9ae29d4a659b51bb3741f1845dba56278221573c60313556ab426dfe2ef
6f733263ba0d482063be46904102884233d3e14ebc2818968db52579a7bdaf83
704c5c5d43e23afed88de0125045033be916830d02ae45b87afe2d1c7004ec99
725c7f25639cdf8e983f31c18286ae22339b07fb98bec314035189ab045af5c7
75f058a275fb2db8a66198c8c0a18e307985a248f5c8f12e03d25255665710a5
76f6554385e124c1cebb6feae6ea1ce1455a2024f16bce9b57240b84f5bad49e
795db5bfa7e44fdc0e4c148cace3e419e509080e5e8cd012f3b40541a72126a7
7c8f24757683d5fece3f8af5853e19b1432c3d9110c3f6307b1ea434807eb4c7
7d5c5cc851e92a1db0a58a5823e37e3243aa5641fad561ad1e0c7fb5c1340db2
7e5bcd656337be8e9a4b43036dbe504a6dfefe11761623d97e587fb53cd217ab
7fdeb1c6fd18e0f486055ae90b9c37c166cd1b455157daa7de08f4271ac696ce
8039602c5b29123d816dbd0f3e0682373303423168a3304b37a652f116e31f74
80be303c408fa9e953af8e73e4a247c1ff6452e224204f7aef4ca1f223165d04
81b2404aa38c79fe36d258e34f049b0882b90586d653886a8e44d53da3084124
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
859a68d1c7b4ff51622aae539e55da3c453f6d2f26b279ee5eaa2a6850724ade
864291837e175e466ebdcea6ccd2bc3f2425b0165cef96adced833c93c04e993
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
89ff09e3f01130048679d910a3e402117f9c6f12cbd41c219ade525946d1dad4
8d3d191d44b6a042adb3ac86d403f8eaa0f7d28056ce74fb3ec3bc65aff5178f
8d797b58dbbb90837bff92450e25c5a0fc90040116e51311437d9f2c4f03c94b
8de66b2537c74eb840dde0edb77576dbf6b06bc4d64df5d89819ec9290a7bbdc
8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9
8e24c511919edd980d038922ee75824a1f22744cba776522582f783d096de205
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ed1c626af66981552aac1e9cd693fb3bbf73411f1af5ad340723545258fab7e
90d0c3437087783c862c38b4c19910799ae3b0fb65789c7e443e5a36f977b73e
9362530937549606f05a09a1173d5797315547a9b09f56e83a7aae1503a316ed
951989bc87fb8d63be622ab62a9e5a33352f80947ed90041a24b1129772c07fa
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
98d87dbd0b05bdf5285815e9b767af29c342f14b47d00a5f9d33310e3514ab49
9bd6e613cf767c517108d5ec93ba8a08f1d399a5ad11748327be3668c159965b
9e163e69a01d2ce1e0c682f1a658dfcda7ea0ce2fd370d697a4a9285c86ef6eb
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a075f92744836d04b6d6baea13c646a1376afa236c13827f37e52420050b3a64
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1f8f93782990047be22637ecb7ce3d70c1d21f3d51eb6281b8a143480f6ac7c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a8277b69a2582f48ef7806fff1bffd21c0189ff23106b6a459ab3125aad73996
ab5ddd6bbaf4e6b6ae4d9b3ffdab97d462a643269c7dd07d8452257843fd5662
ac0468a07574222a50027b51eff4ac358c0c3ef0be9d81b22ab91a943d52e2eb
ad32d3c936d1030661f1c8f55b25db870167fc7c02134fd7e9dbe1d31029fb41
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af7af603d012ddfd269d068e68a3e88dc56305a1ae53593d790d05eddebd0f69
af979786c73f4c25357e6528bb264f3dffae203ec6ff1adced8b57c3532f6d4b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b11b46d840781f63d7b508c855efc863848a4e391cb675876c458a021886bb5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1631a16b9a272828ad99cdb2ff9beb5ca3f1bcfe33741fc51fb9fb1e764e227
b260521dc91bb9be40d0cb9e8ae37b39c94703b68d7d29cbcd5aad0922665a83
b2c3ac8931353adc11f48b9e1fbd0daa764eb2e736439d7a15aa42c7b51de5bd
b2d2f5d052658ef5589fe450a8654dbeb88d97511ce36f21f1c3bb3b38fa3c24
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b9a7027c013faa24de1f51e7eaa56d021193df23acaf81dc3e9fe064794d36d5
b9df090a780c244b84fa12207ec5a14280b6a14393729f2a0561ac183fe05b43
ba7e0e72735ea304bac8a43e87c2da1b7ee2d6705e8548a2fde134beb08d7b48
baaecda7950dc6861f7af443ce361e6b1d57098faabff2d3940083e602f81980
c2036014153a51610b89b576a9f14c2c5c6b03225248e3faad56ca9725214416
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c49f4e9b24c62dbda36124851975d44cf7fe6e4a0d87f935d51660eb116da0f9
c615104d3516e49abe78a9102737c6aa04056c6a8090e5746a38921d3b3811ab
c62298477bd42f1c46d68b84e392835c73934351c1575fc42e913a5ea0500e42
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c81cab8c63d469329c0e0724770c6c8622f0d5d1fb8b6f919b6d7dddfadba190
ca12e73281c4808c3140fa8b912864c7e7243511d33bae503985c541be5f6dcb
caa14fc1cc6385ace6f22b30e3d64c7aeb3ebe15f4e42aff5c5badfb81fc8cca
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb0d917a65f17b9ee9593d9e3921a3d37a4b94921c7fcfc06e8329ddb9089690
cdbdba5d00abc7568d598dd6509509044dd299602073273da6649c81f328e35e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d22c2b457592d1f744afe93fdca6657e1985e47f0fade89674ae45ebce1d6428
d25bb8ce326147d2acfdd5b129123bd4d31b8677ce4b63fe610360bd268cfb27
d30a45dc7fd324487980906858368d0083b721de5ffd78108f92e4091cde3211
d743899b78431bf5a679df7a9fdba7017229b49a8951a9c118f3556d8a6e632d
d7617ea944679142c5bbf19a0d868f2ca0f2488768ab7f99ed0aaf1636be58eb
d7800992c70337710a800628bad888bebad0a275102de46a3370179e373c034b
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a06fb4a67185897bb2f003cfd6e8171816a7d35796addfb530ddace7e93ff
df648d2f45447372acd609c61fce98ee409f14718f69e9ef2ee25d40f022749b
e063cbc5a59613d0f25d3d16fe7e4a5a9369a3a20e9cecf321a8dca35167b2b6
e13822da2ca587d1d53b050cb267bbfea098e785e496dfb833bf4ae38555a087
e35224383b43eb1b7dfa57637f136dad59f4ab331bcfc5f6874644eb5815e520
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e520222ce71d130f32934764b0cba1e95c4df64fb724409c5202676aa890140d
e6214b2559f67192d41d07d928357497936f068d2953d63646bbfe104b1d68c5
e694738a888a81dfc7ba1b2be39b08da3c8cf50a86dec25c7388b03d9ff51798
e80025d59b966e390e81818a115bcf1c8147512973c698731adfee1dbd942572
e81b8ba485b5b1a713772b4dbf1f7a1bac0efcaa7e2035419d8d5c347e8db506
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea8f014d424f84c2708303d930ca216c61304aaa7bc4e64e04d5f43d5731444e
eaa1fe6daa6d6efa271e07a942dd6cd521cf367b0f2a1470512f43dc315ad50c
eaf4772ed048e578ae01ee712ce8c30b267a31ae659b1a5762904ee3af36911a
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed5c431fb99a10c6b50d52cdeeabab3eea3147cd7569db5de74194285fb00690
ed7a20f27a956c2a573a6ae57e1661f01845d0ac9ef47a1a5b3bd912f89a818f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18645fef3b37f5790f8133b53677b8f1fc91f444ffdf361c7d95694caecca25
f37871d176a351c045bf481db13719ee75c202eac94523260600f762ac7276dd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
fdd5eb5886d055428379d1938f01e5a186f7f8dbf3efc851ad9e04914302eb59
fea622897ff5ed212a80d8a559c08cd8c82b26c15f0fb2e69295f632d62366c9
feb2160dccd8b0345096a272f9753c529fa2f32b843400805851dc714372d9d5