urlscan.io logo urlscan.io
SecurityTrails logo

clients.ia.ca Open in urlscan Pro
52.139.17.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ia.ca/myaccount
Effective URL: https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_...
Submission: On August 09 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 18 domains to perform 46 HTTP transactions. The main IP is 52.139.17.111, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is clients.ia.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 17th 2020. Valid for: 2 years.
This is the only time clients.ia.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 52.139.17.111 8075 (MICROSOFT...)
3 7 207.134.102.208 852 (TELUS Com...)
1 207.134.102.157 852 (TELUS Com...)
1 1 35.71.149.114 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2606:2800:11f... 15133 (EDGECAST)
1 151.139.128.11 20446 (STACKPATH...)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 54.230.163.122 16509 (AMAZON-02)
2 54.230.160.114 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
1 5 3.33.220.150 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.224.217.116 14618 (AMAZON-AES)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 68.67.160.114 29990 (ASN-APPNEX)
2 2 3.218.90.66 14618 (AMAZON-AES)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 2607:f8b0:400... 15169 (GOOGLE)
46 20
10    52.139.17.111 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ia.ca
clients.ia.ca
7    207.134.102.208 (Québec, Canada)

ASN852 (TELUS Communications, CA)
iac.secureweb.inalco.com
1    207.134.102.157 (Québec, Canada)

ASN852 (TELUS Communications, CA)
sps.secureweb.inalco.com
1    35.71.149.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9fabdf042c40ac50.awsglobalaccelerator.com
login.service.ia.ca
2    2607:f8b0:4006:823::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
content.ia.ca
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
cdn.mouseflow.com
1    2600:141b:13::17d7:82d9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.230.163.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-122.ewr53.r.cloudfront.net
cdn.heapanalytics.com
2    54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net
js.adsrvr.org
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
2    2607:f8b0:4006:81f::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.224.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-217-116.compute-1.amazonaws.com
heapanalytics.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
2    68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2607:f8b0:4006:81c::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
17 ia.ca
ia.ca — Cisco Umbrella Rank: 377054
login.service.ia.ca
clients.ia.ca
content.ia.ca — Cisco Umbrella Rank: 955862
1 MB
8 inalco.com
iac.secureweb.inalco.com
sps.secureweb.inalco.com
9 KB
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1298
insight.adsrvr.org — Cisco Umbrella Rank: 619
match.adsrvr.org — Cisco Umbrella Rank: 381
10 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
www.linkedin.com — Cisco Umbrella Rank: 491
px4.ads.linkedin.com — Cisco Umbrella Rank: 5619
5 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 501
www.google.com — Cisco Umbrella Rank: 10
863 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
132 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
624 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
2 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 8100
608 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
496 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
500 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 428
539 B
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3022
heapanalytics.com — Cisco Umbrella Rank: 2533
46 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
136 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
913 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 734
3 KB
1 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 6713
66 KB
46 18
Domain Requested by
8 clients.ia.ca clients.ia.ca
7 iac.secureweb.inalco.com 3 redirects clients.ia.ca
6 content.ia.ca clients.ia.ca
4 match.adsrvr.org js.adsrvr.org
3 px.ads.linkedin.com 3 redirects
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 ups.analytics.yahoo.com 2 redirects
2 ib.adnxs.com 2 redirects
2 www.google.ca
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 www.facebook.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 p.adsymptotic.com 1 redirects
2 js.adsrvr.org www.googletagmanager.com
match.adsrvr.org
2 www.googletagmanager.com sps.secureweb.inalco.com
www.googletagmanager.com
2 ia.ca 2 redirects
1 www.google.com
1 pixel.rubiconproject.com 1 redirects
1 heapanalytics.com
1 insight.adsrvr.org 1 redirects
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 cdn.heapanalytics.com sps.secureweb.inalco.com
1 snap.licdn.com www.googletagmanager.com
1 cdn.mouseflow.com www.googletagmanager.com
1 login.service.ia.ca 1 redirects
1 sps.secureweb.inalco.com
46 28

This site contains links to these domains. Also see Links.

Domain
iac.secureweb.inalco.com
login.service.ia.ca
www.ia.ca
Subject Issuer Validity Valid
*.secureweb.inalco.com
Entrust Certification Authority - L1K		 2022-04-26 -
2023-04-26		 a year crt.sh
clients.ia.ca
Entrust Certification Authority - L1K		 2020-07-17 -
2022-10-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
files.ia.ca
Entrust Certification Authority - L1K		 2021-09-01 -
2022-09-30		 a year crt.sh
*.mouseflow.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-12 -
2022-09-14		 2 years crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-19 -
2022-08-17		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2022-07-29 -
2023-08-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
Frame ID: 63E1C3A2145943CF8A55DFC28AF6DE93
Requests: 44 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&upid=8kjt1az&upv=1.1.0
Frame ID: 98089E092D21EBE481E85B57021AE281
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4399307183606566004&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4
Frame ID: A6C93B2510EA44A28DAD951EDA7B4B38
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-4B61oZ1E2uLYJL7ytM_GUNrLhKjuT9M-~A&gdpr=0&gdpr_consent=
Frame ID: 9715C5336DBE42E70EFB2B96F53573EE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 840EF79D47E38C42C90A9F8ABB13A650
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Client Space

Page URL History Show full URLs

  1. http://ia.ca/myaccount HTTP 302
    https://ia.ca/myaccount HTTP 301
    https://iac.secureweb.inalco.com/ HTTP 302
    https://iac.secureweb.inalco.com/wemwpn47 HTTP 302
    https://iac.secureweb.inalco.com/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-8d1faca3-560c-4a78-9f4d-... HTTP 302
    https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d... Page URL
  2. https://login.service.ia.ca/app/ia-ia_extranetsiteminderclients_2/exk1d12zt32HeLOEQ5d7/sso/saml HTTP 302
    https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extran... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Page Statistics

46
Requests

98 %
HTTPS

44 %
IPv6

18
Domains

28
Subdomains

20
IPs

3
Countries

1777 kB
Transfer

4816 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ia.ca/myaccount HTTP 302
    https://ia.ca/myaccount HTTP 301
    https://iac.secureweb.inalco.com/ HTTP 302
    https://iac.secureweb.inalco.com/wemwpn47 HTTP 302
    https://iac.secureweb.inalco.com/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-8d1faca3-560c-4a78-9f4d-77664996ba90&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9DTfP3Puxdh%2f70NuRXE8g2M%2f3VIO3eH4K7rjIHQkl%2bDoer73RjPxF56BQlS2Ig7k&TARGET=-SM-https%3a%2f%2fiac%2esecureweb%2einalco%2ecom%2fwemwpn47 HTTP 302
    https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7 Page URL
  2. https://login.service.ia.ca/app/ia-ia_extranetsiteminderclients_2/exk1d12zt32HeLOEQ5d7/sso/saml HTTP 302
    https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ia.ca/myaccount HTTP 302
  • https://ia.ca/myaccount HTTP 301
  • https://iac.secureweb.inalco.com/ HTTP 302
  • https://iac.secureweb.inalco.com/wemwpn47 HTTP 302
  • https://iac.secureweb.inalco.com/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-8d1faca3-560c-4a78-9f4d-77664996ba90&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9DTfP3Puxdh%2f70NuRXE8g2M%2f3VIO3eH4K7rjIHQkl%2bDoer73RjPxF56BQlS2Ig7k&TARGET=-SM-https%3a%2f%2fiac%2esecureweb%2einalco%2ecom%2fwemwpn47 HTTP 302
  • https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7
Request Chain 21
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D46883%26time%3D1660069267735%26url%3Dhttps%253A%252F%252Fclients.ia.ca%252Faccount%252Flogin%253FfromURI%253Dhttps%25253A%25252F%25252Flogin.service.ia.ca%25252Fapp%25252Fia-ia_extranetsiteminderclients_2%25252Fexk1d12zt32HeLOEQ5d7%25252Fsso%25252Fsaml%25253FRelayState%25253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&cookiesTest=true&liSync=true&e_ipv6=AQIc_uOKuaO2yAAAAYKD1ssshsyNC1sg58O8b0QSgG7lfoZXX6PXG7vjztyQ0fuIznTLhqhm HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=21efc4aa-f5e7-49be-bf9b-62013b321278 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=21efc4aa-f5e7-49be-bf9b-62013b321278&_expected_cookie=d62f997e91fc095641e82b5c1a72f547
Request Chain 30
  • https://insight.adsrvr.org/track/up?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&upid=8kjt1az&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&upid=8kjt1az&upv=1.1.0
Request Chain 41
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D33ff5243-57a2-4907-baca-75b7730cfab4 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4399307183606566004&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4
Request Chain 42
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=33ff5243-57a2-4907-baca-75b7730cfab4&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=33ff5243-57a2-4907-baca-75b7730cfab4&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-4B61oZ1E2uLYJL7ytM_GUNrLhKjuT9M-~A&gdpr=0&gdpr_consent=
Request Chain 43
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=33ff5243-57a2-4907-baca-75b7730cfab4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
saml2authnrequest
sps.secureweb.inalco.com/affwebservices/public/
Redirect Chain
  • http://ia.ca/myaccount
  • https://ia.ca/myaccount
  • https://iac.secureweb.inalco.com/
  • https://iac.secureweb.inalco.com/wemwpn47
  • https://iac.secureweb.inalco.com/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-8d1faca3-560c-4a78-9f4d-77664996ba90&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-9DTfP3Puxdh%2f70NuRXE8g2M%2...
  • https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.134.102.157 Québec, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
Software
/
Resource Hash
5648ad5b108b60cd5d58ebcb9274c8ad92830d4a4815a3f9a59b1df5b8fea012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 18:21:06 GMT
Keep-Alive
timeout=5, max=99
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, no-transform
Content-Length
1157
Content-Security-Policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Aug 2022 18:21:06 GMT
Expires
0
Location
https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Primary Request login
clients.ia.ca/account/
Redirect Chain
  • https://login.service.ia.ca/app/ia-ia_extranetsiteminderclients_2/exk1d12zt32HeLOEQ5d7/sso/saml
  • https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e4...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36f42bb85b18113e88ab0d196446c757970e05d9ce21a2590cab1c5c29be4926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sps.secureweb.inalco.com
Referer
https://sps.secureweb.inalco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 18:21:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
etag
W/"62c54f54-95e"
last-modified
Wed, 06 Jul 2022 09:01:08 GMT
x-envoy-upstream-service-time
1

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Tue, 09 Aug 2022 18:21:06 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
content-language
en
content-security-policy
frame-ancestors 'self'
location
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
p3p
CP="HONK"
x-okta-request-id
YvKlkomn6J05odaZmzqslAAABaE
x-xss-protection
0
config.js
clients.ia.ca/account/login/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login/config.js
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa558b8af553b1676894eae54a83c861ffd9c5313cb910704313d4dbbc2c50dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:06 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Wed, 06 Jul 2022 09:01:24 GMT
etag
W/"62c54f64-430"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Strict-Transport-Security
max-age=31536000; includeSubDomains
main.0c398a96.js
clients.ia.ca/account/login/static/js/ 		3 MB
864 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login/static/js/main.0c398a96.js
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45d82d15d5be947f8b78cf97212ec2ff179874a6afc77bdef3b0572bcf22cb75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:06 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Mon, 04 Jul 2022 18:14:24 GMT
etag
W/"62c32e00-2a3586"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=31536000,public
Transfer-Encoding
chunked
x-envoy-upstream-service-time
4
Strict-Transport-Security
max-age=31536000; includeSubDomains
expires
Wed, 09 Aug 2023 18:21:06 GMT
main.f241c4fd.css
clients.ia.ca/account/login/static/css/ 		590 KB
252 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c6da33253406bd4fbb431d97de852229b1004b601e38131c5c9af1b318742749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:06 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Mon, 04 Jul 2022 18:14:24 GMT
etag
W/"62c32e00-938c7"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
text/css
cache-control
max-age=31536000,public
Transfer-Encoding
chunked
x-envoy-upstream-service-time
4
Strict-Transport-Security
max-age=31536000; includeSubDomains
expires
Wed, 09 Aug 2023 18:21:06 GMT
gtm.js
www.googletagmanager.com/ 		199 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: sps.secureweb.inalco.com
URL: https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e62107610aba727ad332815b85d6f1188110984837d706d0dfebec9d7bb8e23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66297
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 18:21:07 GMT
montserrat-regular-webfont.woff2
content.ia.ca/Content/ia/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.ia.ca/Content/ia/fonts/montserrat-regular-webfont.woff2
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/792A) /
Resource Hash
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.ia.ca/
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
content-encoding
gzip
etag
"d0d3300a7a7d81:0+gzip"
age
489070
x-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15171
x-xss-protection
1; mode=block
request-context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
last-modified
Thu, 04 Aug 2022 02:07:51 GMT
server
ECAcc (nya/792A)
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Session
x-content-type-options
nosniff
expires
Wed, 09 Aug 2023 18:21:07 GMT
montserrat-light-webfont.47314ef8b3f718bd6b25.woff
clients.ia.ca/account/login/static/media/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login/static/media/montserrat-light-webfont.47314ef8b3f718bd6b25.woff
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:07 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 04 Jul 2022 18:14:24 GMT
etag
"62c32e00-5660"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
font/woff
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
Content-Length
22112
expires
Wed, 09 Aug 2023 18:21:07 GMT
opensans-regular-webfont.woff2
content.ia.ca/Content/ia/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.ia.ca/Content/ia/fonts/opensans-regular-webfont.woff2
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7907) /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.ia.ca/
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
content-encoding
gzip
etag
"c95d590a7a7d81:0+gzip"
age
489176
x-appinit-warmingup
1
x-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15530
x-xss-protection
1; mode=block
request-context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
last-modified
Thu, 04 Aug 2022 02:07:51 GMT
server
ECAcc (nya/7907)
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Session
x-content-type-options
nosniff
expires
Wed, 09 Aug 2023 18:21:07 GMT
1da09377-0e86-4786-8b35-4d01b5b8b8d5.js
cdn.mouseflow.com/projects/ 		247 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/1da09377-0e86-4786-8b35-4d01b5b8b8d5.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
6bc0f723ae795068c64aa0843118b23485dd238a829d260b0f3af3e3d860c9c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 15:02:49 GMT
server
etag
"80b2251a93a2d81:0"
x-hw
1660069267.cds201.dc2.hn,1660069267.cds009.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
67855
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:07 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 23:25:22 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=33277
accept-ranges
bytes
content-length
3085
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d1fbbb50fd818e6e618feef385e64dcfa373a82702c7cf0314dffde6d036cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26977
x-xss-protection
0
pragma
public
x-fb-debug
++xtgeZERAiMT7B4sl5fg3EjjKigIyAeKPIf1zQse/TRqJVN60JjtmHek09ZwEfUvEahsS2zUxFVrDhPpzC34A==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
heap-3226067630.js
cdn.heapanalytics.com/js/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3226067630.js
Requested by
Host: sps.secureweb.inalco.com
URL: https://sps.secureweb.inalco.com/affwebservices/public/saml2authnrequest?ProviderID=http://www.okta.com/exk1d12zt32HeLOEQ5d7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-122.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
01f2f38561b09ff36e0f58bcaca3adf28cb5f7f764ff882bfa30b5afcaac1770
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:19:29 GMT
content-encoding
gzip
server
nginx
age
98
etag
W/"1d441-OnZrt+g8Zr7xFoUNCCoWkw"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 1e50ca9ac269e92d749f11227b12760c.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
EWR53-C3
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
kqW6brQK3FniXXAYwcuCFC9ZUCMDRsDjuLfu2BuZvN0Hq5CWar5dAg==
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 17:47:41 GMT
Via
1.1 2b873f743281511e290d4958008561c2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
2007
ETag
"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
R4GwpYvVuNoz8jBx0XqkSR21n3UwRij2ZCCl09nBrllk7auDPVTOOg==
481.6842e440.chunk.js
clients.ia.ca/account/login/static/js/ 		456 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login/static/js/481.6842e440.chunk.js
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/js/main.0c398a96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca5cd9cd51fe7636f09384012279aa0c1337ee2e232411cc99c14ce3ca3bb717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:07 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Mon, 04 Jul 2022 18:14:24 GMT
etag
W/"62c32e00-1c8"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=31536000,public
Transfer-Encoding
chunked
x-envoy-upstream-service-time
1
Strict-Transport-Security
max-age=31536000; includeSubDomains
expires
Wed, 09 Aug 2023 18:21:07 GMT
Splash.497140013d3fc57e38b0.jpg
clients.ia.ca/account/login/static/media/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients.ia.ca/account/login/static/media/Splash.497140013d3fc57e38b0.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1011aaf96cca2edac9341ca76fd8817bb4cc7ff49853a1c1748456245dd1c979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/account/login?fromURI=https%3A%2F%2Flogin.service.ia.ca%2Fapp%2Fia-ia_extranetsiteminderclients_2%2Fexk1d12zt32HeLOEQ5d7%2Fsso%2Fsaml%3FRelayState%3Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:07 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 04 Jul 2022 18:14:24 GMT
etag
"62c32e00-18f26"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
image/jpeg
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
4
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
Content-Length
102182
expires
Wed, 09 Aug 2023 18:21:07 GMT
opensans-semibold-webfont.woff2
content.ia.ca/Content/ia/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.ia.ca/Content/ia/fonts/opensans-semibold-webfont.woff2
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7933) /
Resource Hash
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.ia.ca/
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
content-encoding
gzip
etag
"33be7a0a7a7d81:0+gzip"
age
489106
x-appinit-warmingup
1
x-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
16067
x-xss-protection
1; mode=block
request-context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
last-modified
Thu, 04 Aug 2022 02:07:51 GMT
server
ECAcc (nya/7933)
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Session
x-content-type-options
nosniff
expires
Wed, 09 Aug 2023 18:21:07 GMT
montserrat-regular-webfont.5623bc4fe19097d3a367.woff
clients.ia.ca/account/login/static/media/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://clients.ia.ca/account/login/static/media/montserrat-regular-webfont.5623bc4fe19097d3a367.woff
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 18:21:07 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 04 Jul 2022 18:14:24 GMT
etag
"62c32e00-55dc"
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
font/woff
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
Content-Length
21980
expires
Wed, 09 Aug 2023 18:21:07 GMT
montserrat-light-webfont.woff2
content.ia.ca/Content/ia/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.ia.ca/Content/ia/fonts/montserrat-light-webfont.woff2
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C67) /
Resource Hash
58ace96866326e28e7a9d975467504a76c703ce6b9f18900670286f266c165b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.ia.ca/
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
content-encoding
gzip
etag
"d0d3300a7a7d81:0+gzip"
age
489106
x-appinit-warmingup
1
x-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15331
x-xss-protection
1; mode=block
request-context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
last-modified
Thu, 04 Aug 2022 02:07:51 GMT
server
ECAcc (nya/1C67)
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Session
x-content-type-options
nosniff
expires
Wed, 09 Aug 2023 18:21:07 GMT
Children
iac.secureweb.inalco.com/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20My%20Client%20Space/home/global/footers/footer-non-authenticated')/ 		678 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://iac.secureweb.inalco.com/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20My%20Client%20Space/home/global/footers/footer-non-authenticated')/Children?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/js/main.0c398a96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.134.102.208 Québec, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
Software
/
Resource Hash
7039ea4aec6f24136060f39590fbc9691251349a630241dcbb14fc6c0667860d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.ia.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
455
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Date
Tue, 09 Aug 2022 18:21:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json; odata.metadata=minimal
Access-Control-Allow-Origin
https://clients.ia.ca
Cache-Control
private, no-cache, no-store, max-age=0, no-transform
Access-Control-Allow-Credentials
true
OData-Version
4.0
Access-Control-Allow-Headers
Content-Type, Accept, X-Requested-With, Session
Expires
0
Phone%20number')
iac.secureweb.inalco.com/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20My%20Client%20Space/home/Need%20Help/ 		420 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://iac.secureweb.inalco.com/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20My%20Client%20Space/home/Need%20Help/Phone%20number')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/js/main.0c398a96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.134.102.208 Québec, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
Software
/
Resource Hash
9a6c1fd1d97430e36b26ea490cd272b8ad608e8bc18a80174d5daa42e25adbeb
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.ia.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
423
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Date
Tue, 09 Aug 2022 18:21:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json; odata.metadata=minimal
Access-Control-Allow-Origin
https://clients.ia.ca
Cache-Control
private, no-cache, no-store, max-age=0, no-transform
Access-Control-Allow-Credentials
true
OData-Version
4.0
Access-Control-Allow-Headers
Content-Type, Accept, X-Requested-With, Session
Expires
0
Business%20Hours')
iac.secureweb.inalco.com/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20My%20Client%20Space/home/Need%20Help/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://iac.secureweb.inalco.com/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20My%20Client%20Space/home/Need%20Help/Business%20Hours')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/js/main.0c398a96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.134.102.208 Québec, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
Software
/
Resource Hash
bf0900d4150e34309bdc544c33f15d4140717eb576250357057029e42c973ae4
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.ia.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
374
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Date
Tue, 09 Aug 2022 18:21:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json; odata.metadata=minimal
Access-Control-Allow-Origin
https://clients.ia.ca
Cache-Control
private, no-cache, no-store, max-age=0, no-transform
Access-Control-Allow-Credentials
true
OData-Version
4.0
Access-Control-Allow-Headers
Content-Type, Accept, X-Requested-With, Session
Expires
0
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_e...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_e...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D46883%26time%3D1660069267735%26url%3Dhttps%253A%252F%252Fclients.ia.ca%252Faccoun...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_e...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=46883&time=1660069267735&url=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=21efc4aa-f5e7-49be-bf9b-62013b321278
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=21efc4aa-f5e7-49be-bf9b-62013b321278&_expected_cookie=d62f997e91fc095641e82b5c...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=21efc4aa-f5e7-49be-bf9b-62013b321278&_expected_cookie=d62f997e91fc095641e82b5c1a72f547
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
738282809d1e3fd3-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=21efc4aa-f5e7-49be-bf9b-62013b321278&_expected_cookie=d62f997e91fc095641e82b5c1a72f547
date
Tue, 09 Aug 2022 18:21:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
738282804cbf3fd3-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.73
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
O4chOgyeDraEjWK9hdgZFPQMp1pf/Yu6ckVInsXRDMnlrcgDsiYgf3jDA2KXwEI63VTi2fQ8zarI7YTCW4Ntug==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Aug 2022 18:21:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
345087119389542
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/345087119389542?v=2.9.73&r=canary
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68faffbb23cc0633ced43092188c6e86dcdd73c67ef8b5340f225145424a3630
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
jcdIYYptMf0FfjmAz9UldYhai1G1QlgxUXF6XRrj4cYaww6jwzC3hpyo0OJPdOOonCc1K+BlHsUQfNj9m10kfg==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Aug 2022 18:21:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1660069267800
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
montserrat-black-webfont.woff2
content.ia.ca/Content/ia/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.ia.ca/Content/ia/fonts/montserrat-black-webfont.woff2
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78FC) /
Resource Hash
ddf7d7673aa7220544eba0eb2ad988c542f8aacc70a0640d2079eaad317d9765
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.ia.ca/
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
content-encoding
gzip
etag
"354de9ffa6a7d81:0+gzip"
age
489106
x-appinit-warmingup
1
x-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15199
x-xss-protection
1; mode=block
request-context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
last-modified
Thu, 04 Aug 2022 02:07:50 GMT
server
ECAcc (nya/78FC)
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Session
x-content-type-options
nosniff
expires
Wed, 09 Aug 2023 18:21:07 GMT
truncated
/ 		366 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95e415a263ad693a8c665b61d296044fb7c1cb7d5a8958333246f7eb0f0af3a9

Request headers

Referer
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		544 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75dae9804bd1b730e26893fcde36a1ad610abb22e494ce6297ab3a1fc4be9cac

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
opensans-bold-webfont.woff2
content.ia.ca/Content/ia/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://content.ia.ca/Content/ia/fonts/opensans-bold-webfont.woff2
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/css/main.f241c4fd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F1) /
Resource Hash
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.ia.ca/
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
content-encoding
gzip
etag
"63ab480a7a7d81:0+gzip"
age
489106
x-appinit-warmingup
1
x-cache
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
16238
x-xss-protection
1; mode=block
request-context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
last-modified
Thu, 04 Aug 2022 02:07:51 GMT
server
ECAcc (nya/78F1)
date
Tue, 09 Aug 2022 18:21:07 GMT
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, Session
x-content-type-options
nosniff
expires
Wed, 09 Aug 2023 18:21:07 GMT
instabilityMessages
iac.secureweb.inalco.com/cw/api/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://iac.secureweb.inalco.com/cw/api/instabilityMessages?sc_lang=en
Requested by
Host: clients.ia.ca
URL: https://clients.ia.ca/account/login/static/js/main.0c398a96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.134.102.208 Québec, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.ia.ca/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *.ia.ca *.inalco.com *.ia.iafg.net
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:383f0371-dcb2-4d55-bb5d-9246ec1ff604
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Date
Tue, 09 Aug 2022 18:21:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://clients.ia.ca
Cache-Control
private, no-cache, no-store, max-age=0, no-transform
Access-Control-Allow-Credentials
true, true
Access-Control-Allow-Headers
Content-Type, Accept, X-Requested-With, Session
Expires
0
truncated
/ 		589 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3178e8634c6315de792b489ee8926d2522758dae82d18673057eb49000876cee

Request headers

Referer
Origin
https://clients.ia.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
match.adsrvr.org/track/upb/ Frame 9808
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%2...
  • https://match.adsrvr.org/track/upb/?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%2...
878 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&upid=8kjt1az&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
308cacb0cb776b40de9c4fc0cb0ac81ae3adb587c39d364373d30591e3e3f276

Request headers

Referer
https://clients.ia.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 18:21:08 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 18:21:07 GMT
location
https://match.adsrvr.org/track/upb/?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&upid=8kjt1az&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
js
www.googletagmanager.com/gtag/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y7HMN9SDEC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93c7feb4f1825dbb896cb68bdb48b25ecce47c57c034bd32a3527a343a59703f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72130
x-xss-protection
0
expires
Tue, 09 Aug 2022 18:21:08 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQLRHCR&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6936
date
Tue, 09 Aug 2022 16:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Aug 2022 18:25:32 GMT
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3226067630&u=5458520105245882&v=6609957059839513&s=6519193594838051&b=web&tv=4.0&z=0&h=%2Faccount%2Flogin&q=%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&d=clients.ia.ca&t=Client%20Space&r=https%3A%2F%2Fsps.secureweb.inalco.com%2F&k=Language&k=fr&ts=1660069267910&st=1660069267960
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-217-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=345087119389542&ev=PageView&dl=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&rl=https%3A%2F%2Fsps.secureweb.inalco.com%2F&if=false&ts=1660069267987&sw=1600&sh=1200&v=2.9.73&r=canary&a=tmSimo-GTM-WebTemplate&ec=0&o=30&ttf=1295.8999977111816&tts=1048.8999977111816&ttse=1293.7999992370605&fbp=fb.1.1660069267986.347675664&it=1660069267742&coo=false&eid=1660069267629.587610.1&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 09 Aug 2022 18:21:08 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=706764428&t=pageview&_s=1&dl=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&dr=https%3A%2F%2Fsps.secureweb.inalco.com%2F&ul=en-us&de=UTF-8&dt=Client%20Space&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1368397291&gjid=1570879051&cid=1804102123.1660069268&tid=UA-64509921-1&_gid=127796077.1660069268&_r=1&gtm=2wg880NQLRHCR&z=1980204806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://clients.ia.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clients.ia.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 9808 		487 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=nc05nfx&ref=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&upid=8kjt1az&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 00:01:17 GMT
Via
1.1 2b873f743281511e290d4958008561c2.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
65992
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
UKXdD48dSHANNtJiNjU-EdXIh9aYwoejfmUa31JbTkQyuRzGj80UJg==
collect
analytics.google.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Y7HMN9SDEC&gtm=2oe880&_p=706764428&_gaz=1&cid=1804102123.1660069268&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660069268&sct=1&seg=0&dl=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&dr=https%3A%2F%2Fsps.secureweb.inalco.com%2F&dt=Client%20Space&en=page_view&_fv=1&_ss=1&ep.location=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&ep.title=Client%20Space
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y7HMN9SDEC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clients.ia.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y7HMN9SDEC&cid=1804102123.1660069268&gtm=2oe880&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y7HMN9SDEC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clients.ia.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y7HMN9SDEC&cid=1804102123.1660069268&gtm=2oe880&aip=1&z=1473532476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64509921-1&cid=1804102123.1660069268&jid=1368397291&gjid=1570879051&_gid=127796077.1660069268&_u=YEBAAEAAAAAAAC~&z=365122356
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clients.ia.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 09 Aug 2022 18:21:08 GMT
content-type
text/plain
access-control-allow-origin
https://clients.ia.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
appnexus
match.adsrvr.org/track/cmf/ Frame A6C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D33ff5243-57a2-4907-baca-75b7730cfab4
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4399307183606566004&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4
70 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4399307183606566004&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 09 Aug 2022 18:21:08 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

AN-X-Request-Uuid
4f8c7984-c0ae-4d20-9401-86261aa1cdc6
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Aug 2022 18:21:08 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=4399307183606566004&ttd_tdid=33ff5243-57a2-4907-baca-75b7730cfab4
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
generic
match.adsrvr.org/track/cmf/ Frame 9715
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=33ff5243-57a2-4907-baca-75b7730cfab4&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=33ff5243-57a2-4907-baca-75b7730cfab4&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-4B61oZ1E2uLYJL7ytM_GUNrLhKjuT9M-~A&gdpr=0&gdpr_consent=
70 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-4B61oZ1E2uLYJL7ytM_GUNrLhKjuT9M-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 09 Aug 2022 18:21:08 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Tue, 09 Aug 2022 18:21:08 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-4B61oZ1E2uLYJL7ytM_GUNrLhKjuT9M-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
rubicon
match.adsrvr.org/track/cmf/ Frame 840E
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=33ff5243-57a2-4907-baca-75b7730cfab4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 09 Aug 2022 18:21:08 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
a414d61fde5a538d1bc5c621aec59518
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64509921-1&cid=1804102123.1660069268&jid=1368397291&_u=YEBAAEAAAAAAAC~&z=440545188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64509921-1&cid=1804102123.1660069268&jid=1368397291&_u=YEBAAEAAAAAAAC~&z=440545188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=345087119389542&ev=Microdata&dl=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&rl=https%3A%2F%2Fsps.secureweb.inalco.com%2F&if=false&ts=1660069269497&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Client%20Space%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=canary&a=tmSimo-GTM-WebTemplate&ec=1&o=30&ttf=2801.7000007629395&tts=1048.8999977111816&ttse=1298.599998474121&fbp=fb.1.1660069267986.347675664&it=1660069267742&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:21:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 09 Aug 2022 18:21:09 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Y7HMN9SDEC&gtm=2oe880&_p=706764428&cid=1804102123.1660069268&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660069268&sct=1&seg=0&dl=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&dr=https%3A%2F%2Fsps.secureweb.inalco.com%2F&dt=Client%20Space&en=scroll&ep.location=https%3A%2F%2Fclients.ia.ca%2Faccount%2Flogin%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0&ep.title=Client%20Space&epn.percent_scrolled=90&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y7HMN9SDEC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://clients.ia.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 18:21:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://clients.ia.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| IA_REACT_APP_ENV object| webpackChunkaw_authentication_ia_clients function| clearImmediate function| setImmediate object| regeneratorRuntime object| scCGSHMRCache object| IA_REACT_CORE_API function| _ function| jQueryCourage object| u2f object| dataLayer object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id string| _randomPageId function| fbq function| _fbq object| _fbq_gtm_ids object| heap function| lintrk boolean| _already_called_lintrk function| ttd_dom_ready function| TTDUniversalPixelApi object| _scrollSettings string| GoogleAnalyticsObject function| ga boolean| mouseflowCrossDomainSupport boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| _mfq object| mouseflow object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

35 Cookies

Domain/Path Name / Value
ia.ca/ Name: languageDetection
Value: en
ia.ca/ Name: ASP.NET_SessionId
Value: 1fvuf1x4zdlqycswlexygy1v
ia.ca/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: 39aa6cc24a99489392e832b6762bffde|False
.ia.ca/ Name: ARRAffinity
Value: 355c1b10cf25d0df08f3482ad36a7117eba8e251ce2e5def80657341c6372d9b
.ia.ca/ Name: ARRAffinitySameSite
Value: 355c1b10cf25d0df08f3482ad36a7117eba8e251ce2e5def80657341c6372d9b
iac.secureweb.inalco.com/ Name: ASP.NET_SessionId
Value: tq1wrnw4a2xd3ycccnin3vyw
iac.secureweb.inalco.com/ Name: ADRUM_BTa
Value: R:0|g:15ce9d5f-ddef-471e-b4dd-1cb1997437d0|n:iafgprod_6e26eb8c-3ce9-4ff0-828f-3d1eeaf00224
iac.secureweb.inalco.com/ Name: SameSite
Value: None
iac.secureweb.inalco.com/ Name: ADRUM_BT1
Value: R:0|i:3733299|e:26
iac.secureweb.inalco.com/ Name: ADRUM_BTs
Value: R:0|s:p
iac.secureweb.inalco.com/ Name: ee-target
Value: https%3a%2f%2fiac.secureweb.inalco.com%2fwemwpn47
.ia.ca/ Name: _hp2_id.3226067630
Value: %7B%22userId%22%3A%225458520105245882%22%2C%22pageviewId%22%3A%226609957059839513%22%2C%22sessionId%22%3A%226519193594838051%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.linkedin.com/ Name: li_sugr
Value: 21efc4aa-f5e7-49be-bf9b-62013b321278
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&48637d4f-8f3c-4707-8b25-d4f14d3f6ac1"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2730:u=1:x=1:i=1660069267:t=1660155667:v=2:sig=AQGVo0jaIJpkI7YSomr2qEKJoY5GJDG5"
.ia.ca/ Name: _fbp
Value: fb.1.1660069267986.347675664
.adsrvr.org/ Name: TDID
Value: 33ff5243-57a2-4907-baca-75b7730cfab4
.ia.ca/ Name: _gid
Value: GA1.2.127796077.1660069268
.ia.ca/ Name: _gat_UA-64509921-1
Value: 1
.facebook.com/ Name: fr
Value: 0JUqcWHJEVAKD4JJE..Bi8qWU...1.0.Bi8qWU.
.linkedin.com/ Name: UserMatchHistory
Value: AQIDKD7-dtGahwAAAYKD1sotW5N2d9L6bl_K8IGt64S6j6gZQQIoJI_tuiXNiOxJBx24q3WrAiTPZw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLoU2wGwMm4FQAAAYKD1sott-ZBGKMnmvF0di6opSuvCfawlqYunApUVLLJvKmEZlEas6Z_NyJ8JUpVYh8gfQ
.ia.ca/ Name: _hp2_ses_props.3226067630
Value: %7B%22r%22%3A%22https%3A%2F%2Fsps.secureweb.inalco.com%2F%22%2C%22ts%22%3A1660069267910%2C%22d%22%3A%22clients.ia.ca%22%2C%22h%22%3A%22%2Faccount%2Flogin%22%2C%22q%22%3A%22%3FfromURI%3Dhttps%253A%252F%252Flogin.service.ia.ca%252Fapp%252Fia-ia_extranetsiteminderclients_2%252Fexk1d12zt32HeLOEQ5d7%252Fsso%252Fsaml%253FRelayState%253Df76cfe2327a4f3ca5d70b2a2e46b30a975d128a0%22%7D
.ia.ca/ Name: _ga_Y7HMN9SDEC
Value: GS1.1.1660069268.1.0.1660069268.60
.ia.ca/ Name: _ga
Value: GA1.1.1804102123.1660069268
.adnxs.com/ Name: uuid2
Value: 4399307183606566004
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202208091821084602067b-73d7-4ef0-8785-41c6d4d28d26AQFjWNLGLXRRdysnxYgMbRvc096X5xIV"
.yahoo.com/ Name: A3
Value: d=AQABBJSl8mICEF-KrgKfZyl_o38dgNFynmYFEgEBAQH382L8YgAAAAAA_eMAAA&S=AQAAAhwFhIFWZ6mvvWkVXpwovQ0
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~26hu
.rubiconproject.com/ Name: khaos
Value: L6MIDPB8-5-64QT
.rubiconproject.com/ Name: audit
Value: 1|x9nAGFtaiJUYFYxJk9cl66/DYi/1gZoHx5dQL/IZleLWaDs14xzbSDXDBqC0hTKdF/fkDsmgSh+M1KxoLazIt9i2Wk5FrGos0XY24Ec+XLur9CrrDK7duToQvoPcDaPPe3dIt5OaLfL0BNuvj2CstKx2WfbeuAQrONvkwZWUEatbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIYXBwbmV4dXMSCwj-8MDlvo_9OhAFEhkKCnJpZ2h0bWVkaWESCwjgvc3jvo_9OhAFEhYKB3J1Ymljb24SCwjgvc3jvo_9OhAFGAUgAygDMgsI4LXQkNWP_ToQBUIPIg0IARIJCgV0aWVyMhABWgduYzA1bmZ4YAE.
.adsymptotic.com/ Name: U
Value: d62f997e91fc095641e82b5c1a72f547

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.heapanalytics.com
cdn.mouseflow.com
clients.ia.ca
connect.facebook.net
content.ia.ca
heapanalytics.com
ia.ca
iac.secureweb.inalco.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
login.service.ia.ca
match.adsrvr.org
p.adsymptotic.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
sps.secureweb.inalco.com
stats.g.doubleclick.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
104.18.102.194
13.107.42.14
151.139.128.11
2001:4860:4802:36::181
207.134.102.157
207.134.102.208
2600:141b:13::17d7:82d9
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2607:f8b0:4004:c07::9b
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2008
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.218.90.66
3.33.220.150
34.224.217.116
35.71.149.114
52.139.17.111
54.230.160.114
54.230.163.122
68.67.160.114
8.43.72.98
01f2f38561b09ff36e0f58bcaca3adf28cb5f7f764ff882bfa30b5afcaac1770
1011aaf96cca2edac9341ca76fd8817bb4cc7ff49853a1c1748456245dd1c979
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
308cacb0cb776b40de9c4fc0cb0ac81ae3adb587c39d364373d30591e3e3f276
3178e8634c6315de792b489ee8926d2522758dae82d18673057eb49000876cee
36f42bb85b18113e88ab0d196446c757970e05d9ce21a2590cab1c5c29be4926
3d1fbbb50fd818e6e618feef385e64dcfa373a82702c7cf0314dffde6d036cfd
45d82d15d5be947f8b78cf97212ec2ff179874a6afc77bdef3b0572bcf22cb75
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5648ad5b108b60cd5d58ebcb9274c8ad92830d4a4815a3f9a59b1df5b8fea012
58ace96866326e28e7a9d975467504a76c703ce6b9f18900670286f266c165b1
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
68faffbb23cc0633ced43092188c6e86dcdd73c67ef8b5340f225145424a3630
6bc0f723ae795068c64aa0843118b23485dd238a829d260b0f3af3e3d860c9c5
7039ea4aec6f24136060f39590fbc9691251349a630241dcbb14fc6c0667860d
75dae9804bd1b730e26893fcde36a1ad610abb22e494ce6297ab3a1fc4be9cac
7e62107610aba727ad332815b85d6f1188110984837d706d0dfebec9d7bb8e23
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93c7feb4f1825dbb896cb68bdb48b25ecce47c57c034bd32a3527a343a59703f
95e415a263ad693a8c665b61d296044fb7c1cb7d5a8958333246f7eb0f0af3a9
9a6c1fd1d97430e36b26ea490cd272b8ad608e8bc18a80174d5daa42e25adbeb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf0900d4150e34309bdc544c33f15d4140717eb576250357057029e42c973ae4
c6da33253406bd4fbb431d97de852229b1004b601e38131c5c9af1b318742749
ca5cd9cd51fe7636f09384012279aa0c1337ee2e232411cc99c14ce3ca3bb717
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
ddf7d7673aa7220544eba0eb2ad988c542f8aacc70a0640d2079eaad317d9765
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fa558b8af553b1676894eae54a83c861ffd9c5313cb910704313d4dbbc2c50dc
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace