oauth.airmiles.ca Open in urlscan Pro
2606:4700:4400::6812:2675 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.prod1.programnews.airmiles.ca/r/?id=ha6e178a3,7e229fa,5bf9c0
Effective URL:
https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIy...
Submission Tags: falconsandbox
Submission: On December 23 via api (December 23rd 2022, 1:24:52 am UTC) from US — Scanned from CA

Summary HTTP 50 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 50 HTTP transactions. The main IP is 2606:4700:4400::6812:2675, located in United States and belongs to CLOUDFLARENET, US. The main domain is oauth.airmiles.ca. The Cisco Umbrella rank of the primary domain is 880929.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 26th 2022. Valid for: a year.

This is the only time oauth.airmiles.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.99.14.233 3.99.14.233	16509 (AMAZON-02) (AMAZON-02)
1 3	23.54.209.31 23.54.209.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700:440... 2606:4700:4400::6812:2675	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
2	54.231.166.16 54.231.166.16	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:f00... 2600:141b:f000:c0a6::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
2 2	159.175.66.11 159.175.66.11	26567 (AS-LMGC-T...) (AS-LMGC-TOR-01)
4	54.167.225.48 54.167.225.48	14618 (AMAZON-AES) (AMAZON-AES)
4	52.217.201.25 52.217.201.25	16509 (AMAZON-02) (AMAZON-02)
1	52.203.61.113 52.203.61.113	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
2	54.209.35.3 54.209.35.3	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.204.51.18 52.204.51.18	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
50	16

1 3.99.14.233 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-99-14-233.ca-central-1.compute.amazonaws.com

t.prod1.programnews.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.54.209.31 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-209-31.deploy.static.akamaitechnologies.com

www.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2675 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

oauth.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.166.16 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:f000:c0a6::1e80 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.175.66.11 (Toronto, Canada) 2 redirects

ASN26567 (AS-LMGC-TOR-01, CA)
PTR: airmiles.ca

airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.167.225.48 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-225-48.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.201.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

airmiles-fonts.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.61.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-61-113.compute-1.amazonaws.com

starget.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.35.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-35-3.compute-1.amazonaws.com

loyaltyone.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.204.51.18 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-51-18.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (Glen Cove, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gstatic.com www.gstatic.com fonts.gstatic.com	611 KB
9	airmiles.ca 5 redirects t.prod1.programnews.airmiles.ca — Cisco Umbrella Rank: 547233 www.airmiles.ca — Cisco Umbrella Rank: 352465 oauth.airmiles.ca — Cisco Umbrella Rank: 880929 airmiles.ca — Cisco Umbrella Rank: 269932 starget.airmiles.ca — Cisco Umbrella Rank: 831386	325 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 353	108 KB
6	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 204 loyaltyone.demdex.net	9 KB
6	amazonaws.com s3.amazonaws.com airmiles-fonts.s3.amazonaws.com — Cisco Umbrella Rank: 981548	1 MB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9048	564 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	126 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 478	103 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 833	834 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 954	517 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1392	417 B
50	13

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	s3.amazonaws.com oauth.airmiles.ca www.google.com www.gstatic.com
5	fonts.gstatic.com	www.google.com
4	airmiles-fonts.s3.amazonaws.com	oauth.airmiles.ca
4	dpm.demdex.net	assets.adobedtm.com oauth.airmiles.ca
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com oauth.airmiles.ca
3	www.airmiles.ca	1 redirects oauth.airmiles.ca
2	cm.g.doubleclick.net	2 redirects
2	loyaltyone.demdex.net	assets.adobedtm.com
2	www.google.ca	oauth.airmiles.ca
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	airmiles.ca	2 redirects
2	www.googletagmanager.com	s3.amazonaws.com www.googletagmanager.com
2	assets.adobedtm.com	oauth.airmiles.ca assets.adobedtm.com
2	s3.amazonaws.com	oauth.airmiles.ca
2	oauth.airmiles.ca	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	cm.everesttech.net	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	starget.airmiles.ca	assets.adobedtm.com
1	polyfill.io	oauth.airmiles.ca
1	t.prod1.programnews.airmiles.ca	1 redirects
50	22

This site contains links to these domains. Also see Links.

Domain
policies.google.com
airmiles.ca
www.airmiles.ca
www.loyalty.com

Subject Issuer	Validity	Valid
oauth.airmiles.ca Cloudflare Inc ECC CA-3	`2022-07-26` - `2023-07-25`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
starget.airmiles.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-11-10` - `2023-11-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Frame ID: EA6D9FCCA3B66680ABD94E668182DC05
Requests: 29 HTTP requests in this frame

Frame: https://loyaltyone.demdex.net/dest5.html?d_nsid=0
Frame ID: 2973E5FB7126F1FC1FC7A6E337723703
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=3va1cuqpjlfc
Frame ID: 80C05AEDBFF44544C614D94474D83155
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
Frame ID: 925FED24706070BEF22FB18CB2C85F5D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AIRMILES | Sign in

Page URL History Show full URLs

https://t.prod1.programnews.airmiles.ca/r/?id=ha6e178a3,7e229fa,5bf9c0 HTTP 302
https://www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm... HTTP 302
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&resp... HTTP 302
https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3Rp... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

50
Requests

90 %
HTTPS

48 %
IPv6

13
Domains

22
Subdomains

16
IPs

2
Countries

2728 kB
Transfer

4028 kB
Size

25
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy?hl=en
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://airmiles.ca/en/join.html
Title: Join now

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/arrow/login/FindMyCollectorNumber?changeLocale=en
Title: Recover my collector number

Search URL Search Domain Scan URL

URL: https://airmiles.ca/en/profile/forgot-user-id/user-id-recover.html
Title: Recover my email

Search URL Search Domain Scan URL

URL: https://airmiles.ca/fr/login
Title: Français

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/en/get-help.html
Title: Help

Search URL Search Domain Scan URL

URL: https://www.loyalty.com/
Title: LoyaltyOne, Co

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.prod1.programnews.airmiles.ca/r/?id=ha6e178a3,7e229fa,5bf9c0 HTTP 302
https://www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert HTTP 302
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&response_type=code&audience=airmiles-web-collector&redirect_uri=https://services.api.airmiles.ca/services/airmiles/sling/no-cache/authenticate&state=member&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert HTTP 302
https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png HTTP 302
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

Request Chain 9

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png HTTP 302
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png

Request Chain 22

https://cm.everesttech.net/cm/dd?d_uuid=80920022927472771564038198578648781668 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6UDYAAAAEEzNgN2

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODA5MjAwMjI5Mjc0NzI3NzE1NjQwMzgxOTg1Nzg2NDg3ODE2Njg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODA5MjAwMjI5Mjc0NzI3NzE1NjQwMzgxOTg1Nzg2NDg3ODE2Njg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB9EsoAWFmekRKlVtzO99Ak&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 31

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=80920022927472771564038198578648781668&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Wl.Zq1ZE2pFqFB8eDv8QLGiZcWLT8tsONUk-~A

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
oauth.airmiles.ca/
Redirect Chain

https://t.prod1.programnews.airmiles.ca/r/?id=ha6e178a3,7e229fa,5bf9c0
https://www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&response_type=code&audience=airmiles-web-collector&redirect_uri=https://services.api.airmiles.ca/se...
https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE...

3 KB
4 KB

148ms
147ms

Document
text/html

2606:4700:4400::6812:2675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2675 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ff6c424b4d6a407de3fa275c2ea901e265d704c9952b33913725190e85d581d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 77dd4cb4e9feca57-YUL
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 01:24:47 GMT
etag: W/"deb-MCqZQZTgHxZyzYjjP6IvwcxFRkY"
ot-baggage-auth0-request-id: 77dd4cb4e9feca57
ot-tracer-sampled: true
ot-tracer-spanid: 79c384f25d0645c5
ot-tracer-traceid: 38bb46a7393d1759
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
traceparent: 00-000000000000000038bb46a7393d1759-79c384f25d0645c5-01
tracestate: auth0-request-id=77dd4cb4e9feca57,auth0=true
vary: Accept-Encoding
x-auth0-requestid: b864716312849ba92642
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1671758688
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 77dd4cb27f47ca57-YUL
content-length: 1260
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 01:24:47 GMT
location: /login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
ot-baggage-auth0-request-id: 77dd4cb27f47ca57
ot-tracer-sampled: true
ot-tracer-spanid: 58b06b122ac29ef2
ot-tracer-traceid: 2445b9600b363d09
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
traceparent: 00-00000000000000002445b9600b363d09-58b06b122ac29ef2-01
tracestate: auth0-request-id=77dd4cb27f47ca57,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: b3d2a1c3ba691d873a76
x-content-type-options: nosniff
x-ratelimit-limit: 500
x-ratelimit-remaining: 498
x-ratelimit-reset: 1671758688

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 57ms
22ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=es2015
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:47 GMT
content-encoding: br
last-modified: Wed, 30 Nov 2022 17:02:06 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/108.0.0
server-timing: cache-yul12822, PASS, fastly;desc="Edge time";dur=12
accept-ranges: bytes
content-length: 94

GET
H/1.1 200
OK gtmDataLayer.js Show response
s3.amazonaws.com/prod-amrpext-auth0-login/ 355 B
762 B 108ms
56ms Script
application/javascript 54.231.166.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/gtmDataLayer.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.166.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1a0e46b8cdee9e8af9b0cd555d33c82b3b920509ecf48a0c49b8b45074e266a3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 01:24:48 GMT
Last-Modified: Wed, 22 Jun 2022 12:35:47 GMT
Server: AmazonS3
x-amz-request-id: QF5J7782Y6WT4GMH
ETag: "26b4c91e6ed7cb7bd0e6de46903ebc04"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 355
x-amz-id-2: GD35jMPt+RmtIH+dupzBUTAutdwqGO6GKgoc4d9+xqwkCaY7++RJBiVNAybO4Indp0dgqbwzaGM=

GET
H2 200 launch-29c1aee2883d.min.js Show response
assets.adobedtm.com/cf65343579a7/3196a1cd60be/ 329 KB
102 KB 107ms
19ms Script
application/x-javascript 2600:141b:f000:c0a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:c0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 57709066bf6d023273173027dbddfdf2616578f524c9360f3fbb6e87740fab47

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:47 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 14:41:05 GMT
server: AkamaiNetStorage
etag: "96b278a64915ff92bf38e9e96c0ea8fe:1669646465.433522"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 103861
expires: Fri, 23 Dec 2022 02:24:47 GMT

GET
H/1.1 200
OK auth0p.1.0.152.js Show response
s3.amazonaws.com/prod-amrpext-auth0-login/ 1 MB
1 MB 103ms
51ms Script
application/javascript 54.231.166.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.152.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.166.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e2631ad995d7604b032a6a7824c7a407321a399d02d88141277db026027cf90d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 01:24:48 GMT
Last-Modified: Thu, 15 Dec 2022 13:48:20 GMT
Server: AmazonS3
x-amz-request-id: QF5Z874A9WCK826T
ETag: "f53c1318795f723468d18246143ddd1d"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1335511
x-amz-id-2: yUfIRVzd25TW/Zx+jdwI6vkDc2IrygEjVeHIAS04UIH/ivvtgC96PYv7CMtV6uypucwwyEQO0SQ=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
52 KB 82ms
35ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/gtmDataLayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7644339bc462a8e892df877035893a3ae1c80a9e7065515c750e9d8a239806d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52397
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Dec 2022 01:24:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
20ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 00:44:06 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 23 Dec 2022 02:44:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 143ms
102ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02b5b9274ebc699b374e101801623d6090472cbd31f15545624fd17e7a3851c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Dec 2022 01:24:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
990 B 91ms
39ms Script
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.152.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8356d165c0e077d3defba2d9edc68a96110f077e0a71e58de6042d0666724bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 1; mode=block
expires: Fri, 23 Dec 2022 01:24:48 GMT

GET
H2

200

AIRMILES_NOTAG.png
www.airmiles.ca/content/dam/airmiles/ca/en/homepage/
Redirect Chain

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

13 KB
13 KB

25ms
25ms

Image
image/png

23.54.209.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

Requested by

Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert

Protocol

Server

23.54.209.31 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-209-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd3e0886413ad534cc1d803be54d6911870005163bc22377dbbe49a0811676a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .airmiles.ca .cxtrvl.com .adobe.com .adobemc.com
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=*.airmiles.ca
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors *.airmiles.ca *.cxtrvl.com *.adobe.com *.adobemc.com
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 01:24:48 GMT
x-vhost: publish_air
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 13215
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Oct 2021 20:45:30 GMT
server: Apache
etag: "339f-5cda11c31ae80"
x-frame-options: ALLOW-FROM=*.airmiles.ca
content-type: image/png
feature-policy: geolocation 'none'; camera 'none'; microphone 'none'
accept-ranges: bytes

Redirect headers

Location: https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

AM_EN_2021_Card_Angle_200pc_updated.png
www.airmiles.ca/content/dam/airmiles/ca/en/homepage/
Redirect Chain

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png

302 KB
303 KB

27ms
26ms

Image
image/png

23.54.209.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png

Requested by

Protocol

Server

23.54.209.31 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-209-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d660b71230c11560d6cc62c46f2a8568b6a2e5d6e605fb9fbd2a36854bc24048

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .airmiles.ca .cxtrvl.com .adobe.com .adobemc.com
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=*.airmiles.ca
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors *.airmiles.ca *.cxtrvl.com *.adobe.com *.adobemc.com
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 01:24:48 GMT
x-vhost: publish_air
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 309254
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Sep 2021 03:11:02 GMT
server: Apache
etag: "4b806-5cd2dcbebbd80"
x-frame-options: ALLOW-FROM=*.airmiles.ca
content-type: image/png
feature-policy: geolocation 'none'; camera 'none'; microphone 'none'
accept-ranges: bytes

Redirect headers

Location: https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 790 B
1 KB 120ms
27ms XHR
application/json 54.167.225.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=6A3DF65A5832D31C0A495C35%40AdobeOrg&d_nsid=0&d_mid=81422266513091461114087297037303807999&ts=1671758688113

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-225-48.compute-1.amazonaws.com

Software

Resource Hash

c7dd8e424bd0f7c2c684bf4660923ad6c701559b71850c0fd1585e102db0a678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v044-0e502a394.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: quM+h7f9RnI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://oauth.airmiles.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK archivo-regular.woff2
airmiles-fonts.s3.amazonaws.com/ 12 KB
13 KB 118ms
50ms Font
binary/octet-stream 52.217.201.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/archivo-regular.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.201.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 01:24:49 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:23 GMT
Server: AmazonS3
x-amz-request-id: Z5YZE77FQ6G67904
ETag: "2c86cd470c4a37013e3bd26918617dbc"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 12516
x-amz-id-2: lhNqUmPPZv9PndC3jtlxFl3IsIr1yTeTvCAnMaVyOI3uIiZ6fAeFfb0cEGCxT2+ySq3gPl1DW6Q=

GET
H/1.1 200
OK montserrat-bold.woff2
airmiles-fonts.s3.amazonaws.com/ 20 KB
20 KB 112ms
47ms Font
binary/octet-stream 52.217.201.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/montserrat-bold.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.201.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 01:24:49 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:16 GMT
Server: AmazonS3
x-amz-request-id: Z5YV5MHDP0Y5CHYB
ETag: "7bad4a6005ffca3966b2a099250e0638"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 20040
x-amz-id-2: JtczlLqsJEyU7auKpOgArlFbw3nxOxjfZj80QhbdLOCkUpCeibm32VzEUz1fFUjLMFSenqdh+4s=

GET
H/1.1 200
OK AM-icon.ttf
airmiles-fonts.s3.amazonaws.com/ 77 KB
77 KB 134ms
69ms Font
binary/octet-stream 52.217.201.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/AM-icon.ttf
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.201.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bbc31236efcb01ab9ce0c1f3be3ed041cdc2b87b07df8bb0b2401cd053b2b7c3

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 01:24:49 GMT
Last-Modified: Tue, 24 May 2022 15:22:57 GMT
Server: AmazonS3
x-amz-request-id: Z5YS20Z244ZWH1T8
ETag: "2b0a39d5a49aad51c97ca6e71f3f4d58"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 78788
x-amz-id-2: tEk+jZfzPYio2MrFLOCt0FeE9sDvrnhDKRgPgA09vkflXoZYUw+GxL20NV2hhcKYtwq+8cOrb08=

GET
H/1.1 200
OK archivo-semibold.woff2
airmiles-fonts.s3.amazonaws.com/ 11 KB
12 KB 114ms
49ms Font
binary/octet-stream 52.217.201.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/archivo-semibold.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.201.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b653d07011d41db1bab22cada6f9b4eb8f2092f759104584239d67ef6987b80a

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 01:24:49 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:20 GMT
Server: AmazonS3
x-amz-request-id: Z5YPEZNK6KTAAE6F
ETag: "f023c1e223eb8e25de33525b21c48999"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 11724
x-amz-id-2: kV9d0W0fMTpC+8bsxCo0/wqLMUxTdW1PO5ANsbPzK6w4usEdT9ykgEx83r2RfD8IquDavZ1Clhk=

POST
H2 200 delivery Show response
starget.airmiles.ca/rest/v1/ 353 B
721 B 138ms
39ms XHR
application/json 52.203.61.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://starget.airmiles.ca/rest/v1/delivery?client=loyaltyone&sessionId=e33a489796df4d0c85cc36e0ff1af3be&version=2.8.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.61.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-61-113.compute-1.amazonaws.com
Software: /
Resource Hash: 76114c401891cc79622cec10535c368a4333e6541e0c671d538d079962a06fa3

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Dec 2022 01:24:48 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://oauth.airmiles.ca
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 83844426466b73ff29f41a8885cc213f

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 61ms
19ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 00:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 23 Dec 2022 01:42:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 96ms
32ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-CWLBQJLYC4&gtm=2oebu0&_p=1292010755&_gaz=1&cid=1325838297.1671758688&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671758688&sct=1&seg=0&dl=https%3A%2F%2Foauth.airmiles.ca%2Flogin%3Fstate%3DhKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA%26client%3Dh0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t%26protocol%3Doauth2%26scope%3Dmemberbanner%26response_type%3Dcode%26audience%3Dairmiles-web-collector%26redirect_uri%3Dhttps%253A%252F%252Fservices.api.airmiles.ca%252Fservices%252Fairmiles%252Fsling%252Fno-cache%252Fauthenticate%26connection%3Dmember-pin-idp-recaptcha%26utm_campaign%3D63357_auth0_admin_20221207_20221213%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dawareness_ek_convert&dt=AIRMILES%20%7C%20Sign%20in&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 01:24:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 104ms
33ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CWLBQJLYC4&cid=1325838297.1671758688&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 01:24:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 96ms
38ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CWLBQJLYC4&cid=1325838297.1671758688&gtm=2oebu0&aip=1&z=1378158108

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 01:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 403 KB
162 KB 80ms
19ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 21:43:23 GMT

GET
H/1.1 200
OK dest5.html Show response
loyaltyone.demdex.net/ Frame 2973 7 KB
3 KB 127ms
24ms Document
text/html 54.209.35.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.35.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-35-3.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v044-09641ad5d.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ijcs/HiNTLk=
content-encoding: gzip
date: Fri, 23 Dec 2022 01:24:48 GMT
last-modified: Fri, 28 Oct 2022 11:03:30 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y6UDYAAAAEEzNgN2
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=80920022927472771564038198578648781668
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6UDYAAAAEEzNgN2

42 B
940 B

34ms
33ms

Image
image/gif

54.167.225.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6UDYAAAAEEzNgN2

Requested by

Protocol

HTTP/1.1

Server

54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-225-48.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-04e29f9cc.edge-va6.demdex.com 8 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8kYdOYr3Rb8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6UDYAAAAEEzNgN2
Date: Fri, 23 Dec 2022 01:24:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 74ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76333024-1&cid=1325838297.1671758688&jid=953809195&gjid=351147516&_gid=60046782.1671758688&_u=aGBAiEAjBAAAAEAAI~&z=1142534864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Dec 2022 01:24:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
19ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1292010755&t=pageview&_s=1&dl=https%3A%2F%2Foauth.airmiles.ca%2Flogin%3Fstate%3DhKFo2SBuY1Y2ZzNXZ1h5NEhWWWlUeTNGWTE4ZS1KUWM4bGdIZaFupWxvZ2luo3RpZNkgbzNYREg4NUFMTDIyakw3dFBRU3pLeEpGSkoxSkRNdFWjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA%26client%3Dh0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t%26protocol%3Doauth2%26scope%3Dmemberbanner%26response_type%3Dcode%26audience%3Dairmiles-web-collector%26redirect_uri%3Dhttps%253A%252F%252Fservices.api.airmiles.ca%252Fservices%252Fairmiles%252Fsling%252Fno-cache%252Fauthenticate%26connection%3Dmember-pin-idp-recaptcha%26utm_campaign%3D63357_auth0_admin_20221207_20221213%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dawareness_ek_convert&dp=%2Flogin&ul=en-us&de=UTF-8&dt=AIRMILES%20%7C%20Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjBAAAAAAAI~&jid=953809195&gjid=351147516&cid=1325838297.1671758688&tid=UA-76333024-1&_gid=60046782.1671758688&gtm=2wgbu0589MTWS&cd5=prod&cd9=1671758687892&cd11=1671758687892.xiy71v5e&z=308278546

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 20:13:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18649
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 81ms
37ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76333024-1&cid=1325838297.1671758688&jid=953809195&_u=aGBAiEAjBAAAAEAAI~&z=1490190096

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 01:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 79ms
38ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76333024-1&cid=1325838297.1671758688&jid=953809195&_u=aGBAiEAjBAAAAEAAI~&z=1490190096

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Dec 2022 01:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 80C0 43 KB
23 KB 52ms
51ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=3va1cuqpjlfc

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4afa86360b6a98b5acc6a8ed9c9e6c22f50910c03641cd409e3cb50ba9df89a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jaY-waxTylD816p3zY57vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23023
content-security-policy: script-src 'report-sample' 'nonce-jaY-waxTylD816p3zY57vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 01:24:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEB9EsoAWFmekRKlVtzO99Ak&google_cver=1
dpm.demdex.net/ Frame 2973
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODA5MjAwMjI5Mjc0NzI3NzE1NjQwMzgxOTg1Nzg2NDg3ODE2Njg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODA5MjAwMjI5Mjc0NzI3NzE1NjQwMzgxOTg1Nzg2NDg3ODE2Njg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB9EsoAWFmekRKlVtzO99Ak&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

29ms
28ms

Image
image/gif

54.167.225.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB9EsoAWFmekRKlVtzO99Ak&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-225-48.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0c19b834a.edge-va6.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: jh+0qRfySAc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Dec 2022 01:24:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB9EsoAWFmekRKlVtzO99Ak&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 80C0 52 KB
24 KB 60ms
19ms Stylesheet
text/css 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=3va1cuqpjlfc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 21:43:24 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 80C0 403 KB
161 KB 70ms
29ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 21:43:23 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 2973
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=80920022927472771564038198578648781668&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Wl.Zq1ZE2pFqFB8eDv8QLGiZcWLT8tsONUk-~A

42 B
940 B

28ms
27ms

Image
image/gif

54.167.225.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Wl.Zq1ZE2pFqFB8eDv8QLGiZcWLT8tsONUk-~A

Requested by

Protocol

HTTP/1.1

Server

54.167.225.48 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-225-48.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-0bfb71767.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wTVhfyKLQwo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 23 Dec 2022 01:24:48 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0107.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Wl.Zq1ZE2pFqFB8eDv8QLGiZcWLT8tsONUk-~A
content-length: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 80C0 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:27:04 GMT
x-content-type-options: nosniff
age: 226664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Dec 2022 10:27:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80C0 15 KB
16 KB 77ms
19ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 166640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 03:07:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80C0 15 KB
15 KB 82ms
25ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:19:56 GMT
x-content-type-options: nosniff
age: 183892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:19:56 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 80C0 102 B
134 B 40ms
40ms Other
text/javascript 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=3va1cuqpjlfc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 23 Dec 2022 01:24:48 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 925F 7 KB
1 KB 41ms
40ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7eb8de7376d3961beef827cb763ed7940efb7a3809b6023c1a4d6a0dfc505bc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HESFjNLQf_IaD69Y6j24MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-HESFjNLQf_IaD69Y6j24MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 01:24:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 925F 52 KB
24 KB 20ms
20ms Stylesheet
text/css 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:43:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 21:43:24 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 925F 403 KB
161 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164706
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 21:43:23 GMT

GET
H2 200 RC2c0c2659f44a415294e0fcbaa6ee0460-source.min.js Show response
assets.adobedtm.com/cf65343579a7/3196a1cd60be/0cac6ed87f90/ 2 KB
1 KB 19ms
18ms Script
application/x-javascript 2600:141b:f000:c0a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/0cac6ed87f90/RC2c0c2659f44a415294e0fcbaa6ee0460-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:c0a6::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 817ba80ef004a237ac3e262e0dc1f08d38d5d9ceec4e42d3626b757025dc3048

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:48 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 14:41:06 GMT
server: AkamaiNetStorage
etag: "51a9fb67f17c7e0f8a28ff2fa9da7b02:1669646466.263451"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1134
expires: Fri, 23 Dec 2022 02:24:48 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 925F 39 KB
24 KB 76ms
75ms XHR
application/json 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa7ad42153477d72419ae98beb7cfff65126a11c3f161dea40cb7a25d91ebc1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 23 Dec 2022 01:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24261
x-xss-protection: 1; mode=block
expires: Fri, 23 Dec 2022 01:24:48 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 925F 600 B
624 B 20ms
19ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:05:46 GMT
x-content-type-options: nosniff
age: 310742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 26 Dec 2022 11:05:46 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 925F 530 B
554 B 21ms
19ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 07:36:22 GMT
x-content-type-options: nosniff
age: 64106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Dec 2022 07:36:22 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 925F 665 B
689 B 21ms
20ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 07:56:00 GMT
x-content-type-options: nosniff
age: 235728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Dec 2022 07:56:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 925F 15 KB
15 KB 72ms
23ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 166641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 03:07:28 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 925F 15 KB
15 KB 74ms
25ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 06:12:55 GMT
x-content-type-options: nosniff
age: 587514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 16 Dec 2023 06:12:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 925F 15 KB
15 KB 82ms
34ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:19:56 GMT
x-content-type-options: nosniff
age: 183893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:19:56 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 925F 59 KB
59 KB 40ms
39ms Image
image/jpeg 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AD1IbLCav969Ys8SddFEm8UP6abTvLzmEPw9mr85FrcYjFVezptTOpYS1dYIWIK1iS0598oasnhMEHmxGr8KY0PGpnMqonUR1bus8RPfGKisGC6NeRG-AGLOSDtJEhIE1nhMkPfkj4uadtnb0TZ5YKZNJEweKl5w7DH_0W21pBw0RX-T_7-ntLtCR0Puggo3ZWoP8ZtJIo2K98H8qUjcl8f0azMBcLmaaQ&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

abfff6966556edec8377f2c920308794efde642b894d5f5e76848c850b73ee4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 01:24:49 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60717
x-xss-protection: 1; mode=block
expires: Fri, 23 Dec 2022 01:24:49 GMT

POST
H/1.1 200
OK event Show response
loyaltyone.demdex.net/ 636 B
1 KB 37ms
37ms XHR
application/json 54.209.35.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/event?d_dil_ver=9.5&_ts=1671758689360

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.35.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-35-3.compute-1.amazonaws.com

Software

Resource Hash

d3b1d1ca94e918a20ee9393d360a309acb45181e85aaab3832698f714884200c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-2-v044-03e32790c.edge-va6.demdex.com 13 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 5YQUxzlyTQ4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://oauth.airmiles.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 413
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oauth.airmiles.ca/usernamepassword/login	1970-01-20 08:37:02	Name: _csrf Value: hThwP92HSodiCbkeV-aRxQC3
www.google.com/recaptcha	1970-01-20 12:41:50	Name: _GRECAPTCHA Value: 09AJ4Tk-6Inkz2enwuid3WZ-aUM333UMOm5f3dV5x5sITMVjjPh1Im7VD1EYaZEoPDNKvQcR4XynRwTquPEUmv4AM
.airmiles.ca/	1969-12-31 23:59:59	Name: nlid Value: a6e178a3\|7e229fa
.airmiles.ca/	1970-01-20 17:58:38	Name: nllastdelid Value: 7e229fa
.airmiles.ca/	1969-12-31 23:59:59	Name: province Value: QC
.airmiles.ca/	1969-12-31 23:59:59	Name: returnTo Value: https_//www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
oauth.airmiles.ca/	1970-01-20 17:08:36	Name: did Value: s%3Av0%3A969c7260-8260-11ed-a14c-c5b13e5adb69.gzpkYDorkQJlVRGPpJtX8VXzp5%2Bp09nZlLL5F7m%2FJuc
oauth.airmiles.ca/	1970-01-20 08:26:57	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEsk7kwJ5-XC7GBkeLugsKs-f5JauBsjLAxfdtVmaDeWYyCFWNx0ZMteqsjHLByFiEQeEzjCItnhMEOISW7EXlemY29va2llg6dleHBpcmVz1_9xAqoAY6j3365vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7b%2BPvrzzvmgKmGJguEU8z7uNnXeBJYGHM3QsfaXx32w
oauth.airmiles.ca/	1970-01-20 17:08:36	Name: did_compat Value: s%3Av0%3A969c7260-8260-11ed-a14c-c5b13e5adb69.gzpkYDorkQJlVRGPpJtX8VXzp5%2Bp09nZlLL5F7m%2FJuc
oauth.airmiles.ca/	1970-01-20 08:26:57	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEsk7kwJ5-XC7GBkeLugsKs-f5JauBsjLAxfdtVmaDeWYyCFWNx0ZMteqsjHLByFiEQeEzjCItnhMEOISW7EXlemY29va2llg6dleHBpcmVz1_9xAqoAY6j3365vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.7b%2BPvrzzvmgKmGJguEU8z7uNnXeBJYGHM3QsfaXx32w
.airmiles.ca/	1969-12-31 23:59:59	Name: at_check Value: true
.airmiles.ca/	1970-01-20 08:24:05	Name: _gid Value: GA1.2.60046782.1671758688
.airmiles.ca/	1970-01-20 17:58:38	Name: _ga_CWLBQJLYC4 Value: GS1.1.1671758688.1.0.1671758688.60.0.0
.airmiles.ca/	1970-01-20 17:58:38	Name: _ga Value: GA1.1.1325838297.1671758688
.demdex.net/	1970-01-20 12:41:50	Name: demdex Value: 80920022927472771564038198578648781668
.airmiles.ca/	1969-12-31 23:59:59	Name: AMCVS_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: 1
.airmiles.ca/	1970-01-20 08:22:38	Name: _dc_gtm_UA-76333024-1 Value: 1
.airmiles.ca/	1970-01-20 17:58:38	Name: mbox Value: session#e33a489796df4d0c85cc36e0ff1af3be#1671760549\|PC#e33a489796df4d0c85cc36e0ff1af3be.34_0#1735003489
.everesttech.net/	1970-01-20 17:08:14	Name: everest_g_v2 Value: g_surferid~Y6UDYAAAAEEzNgN2
.dpm.demdex.net/	1970-01-20 12:41:50	Name: dpm Value: 80920022927472771564038198578648781668
.airmiles.ca/	1970-01-20 17:58:38	Name: AMCV_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: -2121179033%7CMCMID%7C81422266513091461114087297037303807999%7CMCIDTS%7C19350%7CMCAAMLH-1672363488%7C7%7CMCAAMB-1672363488%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1671765888s%7CNONE%7CMCSYNCSOP%7C411-19357%7CvVersion%7C5.3.0
.demdex.net/	1970-01-20 12:41:50	Name: dextp Value: 771-1-1671758688419\|30646-1-1671758688520
.yahoo.com/	1970-01-20 17:08:36	Name: A3 Value: d=AQABBGADpWMCEPmmmbOTqujQRhYylVQ7vt4FEgEBAQFUpmOuYwAAAAAA_eMAAA&S=AQAAAnBRn8T3EgaGzCh2wCZI7K0
.doubleclick.net/	1970-01-20 17:58:38	Name: IDE Value: AHWqTUkSBeVNOd9jaF4Q6TXWuRJmT0gYgouGyed6mezFpo4NJi3mIiJ5Xdfm078hT1k
.oauth.airmiles.ca/	1970-01-20 09:05:50	Name: aam_tnt Value: seg%3D15722027%2Cseg%3D15559059%2Cseg%3D15722027%2Cseg%3D15779431

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airmiles-fonts.s3.amazonaws.com
airmiles.ca
analytics.google.com
assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dpm.demdex.net
fonts.gstatic.com
loyaltyone.demdex.net
oauth.airmiles.ca
polyfill.io
s3.amazonaws.com
starget.airmiles.ca
stats.g.doubleclick.net
t.prod1.programnews.airmiles.ca
www.airmiles.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.80.34
159.175.66.11
2001:4860:4802:34::181
23.54.209.31
2600:141b:f000:c0a6::1e80
2606:4700:4400::6812:2675
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2008
2a04:4e42::282
3.99.14.233
52.203.61.113
52.204.51.18
52.217.201.25
54.167.225.48
54.209.35.3
54.231.166.16
76.13.32.147
02b5b9274ebc699b374e101801623d6090472cbd31f15545624fd17e7a3851c4
18eb1494d12fc5449cb04659d313f1183dfa9f93c3b0b10784527e441bee9148
1a0e46b8cdee9e8af9b0cd555d33c82b3b920509ecf48a0c49b8b45074e266a3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57709066bf6d023273173027dbddfdf2616578f524c9360f3fbb6e87740fab47
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ff6c424b4d6a407de3fa275c2ea901e265d704c9952b33913725190e85d581d
76114c401891cc79622cec10535c368a4333e6541e0c671d538d079962a06fa3
7644339bc462a8e892df877035893a3ae1c80a9e7065515c750e9d8a239806d0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eb8de7376d3961beef827cb763ed7940efb7a3809b6023c1a4d6a0dfc505bc9
817ba80ef004a237ac3e262e0dc1f08d38d5d9ceec4e42d3626b757025dc3048
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a
a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11
a8356d165c0e077d3defba2d9edc68a96110f077e0a71e58de6042d0666724bc
abfff6966556edec8377f2c920308794efde642b894d5f5e76848c850b73ee4a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b653d07011d41db1bab22cada6f9b4eb8f2092f759104584239d67ef6987b80a
bbc31236efcb01ab9ce0c1f3be3ed041cdc2b87b07df8bb0b2401cd053b2b7c3
bd3e0886413ad534cc1d803be54d6911870005163bc22377dbbe49a0811676a8
c7dd8e424bd0f7c2c684bf4660923ad6c701559b71850c0fd1585e102db0a678
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d3b1d1ca94e918a20ee9393d360a309acb45181e85aaab3832698f714884200c
d660b71230c11560d6cc62c46f2a8568b6a2e5d6e605fb9fbd2a36854bc24048
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
e2631ad995d7604b032a6a7824c7a407321a399d02d88141277db026027cf90d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4afa86360b6a98b5acc6a8ed9c9e6c22f50910c03641cd409e3cb50ba9df89a
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa7ad42153477d72419ae98beb7cfff65126a11c3f161dea40cb7a25d91ebc1a

oauth.airmiles.ca Open in urlscan Pro 2606:4700:4400::6812:2675 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

90 %HTTPS

48 %IPv6

13 Domains

22 Subdomains

16 IPs

2 Countries

2728 kBTransfer

4028 kBSize

25 Cookies

8 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

oauth.airmiles.ca Open in urlscan Pro
2606:4700:4400::6812:2675 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

90 %
HTTPS

48 %
IPv6

13
Domains

22
Subdomains

16
IPs

2
Countries

2728 kB
Transfer

4028 kB
Size

25
Cookies

50 HTTP transactions
0 data transactions