www.cira.ca Open in urlscan Pro
104.22.74.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://star.ca/
Effective URL:
https://www.cira.ca/en/?post_type=page&p=41471
Submission: On May 27 via api (May 27th 2024, 8:25:32 am UTC) from US — Scanned from CA

Summary HTTP 108 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 27 domains to perform 108 HTTP transactions. The main IP is 104.22.74.135, located in and belongs to CLOUDFLARENET, US. The main domain is www.cira.ca.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 31st 2023. Valid for: a year.

This is the only time www.cira.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.15.209 104.21.15.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 36	104.22.74.135 104.22.74.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
1 8	142.251.163.99 142.251.163.99	15169 (GOOGLE) (GOOGLE)
2	104.16.138.209 104.16.138.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.154.227.128 18.154.227.128	16509 (AMAZON-02) (AMAZON-02)
1	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
1	104.17.223.152 104.17.223.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.34.229 104.18.34.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.175.201 104.17.175.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
1	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
6	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
1	23.218.218.170 23.218.218.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	18.160.41.58 18.160.41.58	16509 (AMAZON-02) (AMAZON-02)
3	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	104.18.128.216 104.18.128.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.160.18.117 18.160.18.117	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.241.108 104.18.241.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.31.174 104.17.31.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1 2	142.251.167.148 142.251.167.148	15169 (GOOGLE) (GOOGLE)
1	142.250.31.148 142.250.31.148	15169 (GOOGLE) (GOOGLE)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.167.155 142.251.167.155	15169 (GOOGLE) (GOOGLE)
1	99.84.191.43 99.84.191.43	16509 (AMAZON-02) (AMAZON-02)
2	13.107.246.38 13.107.246.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	104.18.34.214 104.18.34.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
108	33

1 104.21.15.209 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

star.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 104.22.74.135 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cira.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.163.99 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.138.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.227.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-128.iad55.r.cloudfront.net

e.infogram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.223.152 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.229 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.175.201 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.170 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-170.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-58.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.128.216 (None, )

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.18.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-117.iad12.r.cloudfront.net

cdn.schemaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.24 (Colonia, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.241.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.31.174 (None, )

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.163.154 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.148 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f148.1e100.net

10329013.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-43.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.214 (None, )

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	cira.ca 1 redirects www.cira.ca	482 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 154	2 KB
9	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 89 cm.g.doubleclick.net Failed googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 10329013.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 159	7 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	709 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	5 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619	3 KB
6	google.ca www.google.ca — Cisco Umbrella Rank: 10035	383 B
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 743 o.clarity.ms — Cisco Umbrella Rank: 475879	27 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	15 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	76 KB
2	adnxs.com ib.adnxs.com Failed secure.adnxs.com — Cisco Umbrella Rank: 482	2 KB
2	schemaapp.com cdn.schemaapp.com — Cisco Umbrella Rank: 12556	12 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9403 prism.app-us1.com — Cisco Umbrella Rank: 9486	8 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1160	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	60 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2460	2 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9557	315 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	2 KB
1	reddit.com pixel-config.reddit.com alb.reddit.com Failed	124 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3473	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	24 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2189	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	gstatic.com www.gstatic.com	207 KB
1	infogram.com e.infogram.com — Cisco Umbrella Rank: 26703	5 KB
1	star.ca 1 redirects star.ca	507 B
108	27

	Domain	Requested by
36	www.cira.ca	1 redirects www.cira.ca
8	www.google.com	1 redirects www.cira.ca www.gstatic.com
8	www.googletagmanager.com	www.cira.ca www.googletagmanager.com js.hsadspixel.net
6	www.facebook.com	www.cira.ca
6	www.google.ca	www.cira.ca
5	px.ads.linkedin.com	2 redirects snap.licdn.com www.cira.ca
5	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.cira.ca
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	o.clarity.ms	www.clarity.ms
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	10329013.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	secure.adnxs.com	1 redirects www.cira.ca
2	cdn.schemaapp.com	www.googletagmanager.com cdn.schemaapp.com
2	www.redditstatic.com	www.cira.ca www.redditstatic.com
2	analytics.google.com	www.googletagmanager.com
2	js.hs-scripts.com	www.cira.ca www.googletagmanager.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	ad.doubleclick.net	www.cira.ca
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	pixel-config.reddit.com	www.redditstatic.com
1	api.hubapi.com	js.hsadspixel.net
1	diffuser-cdn.app-us1.com	www.cira.ca
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	www.gstatic.com	www.google.com
1	e.infogram.com	www.cira.ca
1	star.ca	1 redirects
0	alb.reddit.com Failed	www.cira.ca
0	ib.adnxs.com Failed	www.cira.ca
0	cm.g.doubleclick.net Failed	www.cira.ca
108	38

This site contains links to these domains. Also see Links.

Domain
calendly.com
facebook.com
instagram.com
linkedin.com
mstdn.ca
twitter.com
tiktok.com
youtube.com
locomotive.ca

Subject Issuer	Validity	Valid
www.cira.ca Sectigo RSA Domain Validation Secure Server CA	`2023-07-31` - `2024-07-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
infogram.com Amazon RSA 2048 M03	`2024-04-07` - `2025-05-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
diffuser-cdn.app-us1.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
cdn.schemaapp.com Amazon RSA 2048 M02	`2023-10-31` - `2024-11-27`	a year	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
prism.app-us1.com E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.cira.ca/en/?post_type=page&p=41471
Frame ID: 63EFD67C99A86976129D81EC0A0D155E
Requests: 106 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWM-kkAAAAAAOIrYg5ngG46QtbjZZiJQEnoyYj&co=aHR0cHM6Ly93d3cuY2lyYS5jYTo0NDM.&hl=en&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=c047cefu2gpd
Frame ID: 4E9E5E4C6F51ED43BC4C36E5CD5B237D
Requests: 1 HTTP requests in this frame

Frame: https://10329013.fls.doubleclick.net/activityi;dc_pre=CI_a1Ie0rYYDFewTdgYd9EIJdA;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z8812674820za201zb812674820;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471
Frame ID: 2319BC4D9B2AC2B9E6B73F60517D1F20
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact a domain holder – CIRA

Page URL History Show full URLs

https://star.ca/ HTTP 301
https://www.cira.ca/ca-domains/contact-a-domain-holder HTTP 301
https://www.cira.ca/en/?post_type=page&p=41471 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

108
Requests

94 %
HTTPS

0 %
IPv6

27
Domains

38
Subdomains

33
IPs

2
Countries

1707 kB
Transfer

5357 kB
Size

33
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://calendly.com/cira/cybersecurity-awareness-training?%2F%3F=&month=2023-05
Title: Book a meeting

Search URL Search Domain Scan URL

URL: https://facebook.com/cira.ca
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/ciradotca/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/canadian-internet-registration-authority
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://mstdn.ca/@cira
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://twitter.com/ciranews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://tiktok.com/@cira.ca
Title: TikTok

Search URL Search Domain Scan URL

URL: https://youtube.com/ciranews
Title: YouTube

Search URL Search Domain Scan URL

URL: https://locomotive.ca/en
Title: Website by Locomotive

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://star.ca/ HTTP 301
https://www.cira.ca/ca-domains/contact-a-domain-holder HTTP 301
https://www.cira.ca/en/?post_type=page&p=41471 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://insight.adsrvr.org/track/pxl/?adv=tipkc45&ct=0:4g5162e&fmt=3&gtmcb=58385069 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjczMDhjOTctMjkwYi00Njk2LWE3ZWUtMjk2ZDkzZGRiNWUy&gdpr=0&gdpr_consent=&ttd_tdid=f7308c97-290b-4696-a7ee-296d93ddb5e2

Request Chain 60

https://insight.adsrvr.org/track/pxl/?adv=iyu6owe&ct=0:hbf5fos&fmt=3/ HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d7747636-5e28-4110-bd5f-f9c5eb6e050a

Request Chain 61

https://secure.adnxs.com/px?id=1608882&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608882%26t%3D2

Request Chain 71

https://10329013.fls.doubleclick.net/activityi;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z8812674820za201zb812674820;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471 HTTP 302
https://10329013.fls.doubleclick.net/activityi;dc_pre=CI_a1Ie0rYYDFewTdgYd9EIJdA;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z8812674820za201zb812674820;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471

Request Chain 75

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1395794%26time%3D1716798302163%26url%3Dhttps%253A%252F%252Fwww.cira.ca%252Fen%252F%253Fpost_type%253Dpage%2526p%253D41471%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&cookiesTest=true&liSync=true

Request Chain 93

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&label=ZBOKCLWxlocZEJWd5Nwq&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&value=0&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChEI8N7QsgYQ6Z2biKTljda5ARIdANID60vXu5zofCeQ9pL7-Lvknq7fkFaLibSpBTE&pscrd=IhMI34LXh7SthgMVlC9oCB1AiAeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FGh0dHBzOi8vd3d3LmNpcmEuY2Ev HTTP 302
https://www.google.com/pagead/1p-conversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&label=ZBOKCLWxlocZEJWd5Nwq&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&value=0&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI34LXh7SthgMVlC9oCB1AiAeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FGh0dHBzOi8vd3d3LmNpcmEuY2Ev&is_vtc=1&cid=CAQSKQDaQooLx6es0zFBPNw65LQBlgDQgEyUyLLra5DrW6coRB8cMMqxa2NW&eitems=ChEI8N7QsgYQ6Z2biKTljda5ARIdANID60sms0ywduTZCz5TfPIkJApaJwLuhhrSBak&random=2729091228 HTTP 302
https://www.google.ca/pagead/1p-conversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&label=ZBOKCLWxlocZEJWd5Nwq&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&value=0&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI34LXh7SthgMVlC9oCB1AiAeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FGh0dHBzOi8vd3d3LmNpcmEuY2Ev&is_vtc=1&cid=CAQSKQDaQooLx6es0zFBPNw65LQBlgDQgEyUyLLra5DrW6coRB8cMMqxa2NW&eitems=ChEI8N7QsgYQ6Z2biKTljda5ARIdANID60sms0ywduTZCz5TfPIkJApaJwLuhhrSBak&random=2729091228&ipr=y

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cira.ca/en/
Redirect Chain

https://star.ca/
https://www.cira.ca/ca-domains/contact-a-domain-holder
https://www.cira.ca/en/?post_type=page&p=41471

326 KB
42 KB

59ms
57ms

Document
text/html

104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

536063834edf9cd4a676faefcb925047d4614afa09723ac05cc47344eb5d9d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88a49ca79cf636d7-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none;
cross-origin-opener-policy: same-origin-allow-popups;
cross-origin-resource-policy: same-origin;
date: Mon, 27 May 2024 08:25:01 GMT
link: <https://www.cira.ca/en/wp-json/>; rel="https://api.w.org/" <https://www.cira.ca/en/wp-json/wp/v2/pages/41471>; rel="alternate"; type="application/json" <https://www.cira.ca/en/?p=41471>; rel=shortlink
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-lsadc-cache: hit
x-permitted-cross-domain-policies: none;
x-xss-protection: 1; mode=block;

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 88a49ca46bb336d7-YYZ
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none;
cross-origin-opener-policy: same-origin-allow-popups;
cross-origin-resource-policy: same-origin;
date: Mon, 27 May 2024 08:25:01 GMT
expires: Mon, 27 May 2024 09:25:01 GMT
location: /en/?post_type=page&p=41471
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache-control: no-cache
x-litespeed-tag: 911_HTTP.301,911_HTTP.301
x-permitted-cross-domain-policies: none;
x-redirect-by: redirection
x-xss-protection: 1; mode=block;

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 367 KB
108 KB 164ms
59ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5VP7LWWHS

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

60731d173912c7410571e9f73c7aa0d7344115e361379e68436917a074e28599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H3 200 dashicons.min.css
www.cira.ca/wordpress/wp-includes/css/ 58 KB
35 KB 38ms
37ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/css/dashicons.min.css?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"e688-603ffca6-960435c15e43450f;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca81a92ab06-YYZ
expires: Tue, 21 May 2024 09:08:47 GMT

GET
H3 200 display-opinions-light.css
www.cira.ca/plugins/ninja-forms/assets/css/ 44 KB
7 KB 35ms
31ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09d3d1a2b0c3072550f34d2b1ef5aa8c743ffa1ae9209ec0eb6423d730032dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 6205
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Fri, 17 Nov 2023 16:44:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"aeff-65579853-b9ccddb75fbe5fb;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82a94ab06-YYZ
expires: Mon, 03 Jun 2024 06:41:36 GMT

GET
H3 200 font-awesome.min.css
www.cira.ca/plugins/ninja-forms/assets/css/ 27 KB
6 KB 75ms
71ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 574415
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Fri, 17 Nov 2023 16:44:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"6b4a-65579853-814503ec53972dc9;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82a99ab06-YYZ
expires: Tue, 21 May 2024 04:52:25 GMT

GET
H3 200 saves-table.css
www.cira.ca/plugins/ninja-forms-save-progress/assets/styles/min/ 371 B
665 B 37ms
32ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-save-progress/assets/styles/min/saves-table.css?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7dcfad63558edf4150fd00888efa5eb8acaac2cf93fe687e250e2096b3cdaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 598515
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 08 Feb 2023 19:34:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"173-63e3f942-4155a9ff7b3245a0;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82a9dab06-YYZ
expires: Mon, 27 May 2024 10:09:46 GMT

GET
H3 200 display-opinions-light.css
www.cira.ca/plugins/ninja-forms-multi-part/assets/css/ 4 KB
1 KB 77ms
71ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-multi-part/assets/css/display-opinions-light.css?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10814d726a869586d3d8676bfaeed9f04e32b58bda2e1dde3f50a87ada14657b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 513302
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Tue, 02 Apr 2019 15:20:24 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"1047-5ca37db8-1153d194767c9261;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82a9fab06-YYZ
expires: Thu, 23 May 2024 23:35:07 GMT

GET
H3 200 display-structure.css
www.cira.ca/plugins/ninja-forms-style/layouts/assets/css/ 2 KB
867 B 77ms
72ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-style/layouts/assets/css/display-structure.css?ver=3.0.29

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 604545
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Mon, 15 Feb 2021 08:48:30 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"619-602a355e-ecd66b94ac3f980f;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa0ab06-YYZ
expires: Thu, 23 May 2024 23:35:07 GMT

GET
H3 200 styles.css
www.cira.ca/plugins/wpml-sitepress-multilingual-cms/dist/css/blocks/ 58 KB
7 KB 78ms
73ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/wpml-sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.5

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10050
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 02 Aug 2023 13:03:58 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"e768-64ca543e-eccd6676d27d43e6;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa2ab06-YYZ
expires: Mon, 27 May 2024 15:26:43 GMT

GET
H3 200 cms-navigation-base.css
www.cira.ca/plugins/wpml-cms-nav/res/css/ 3 KB
1 KB 78ms
73ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/wpml-cms-nav/res/css/cms-navigation-base.css?ver=1.5.5

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8577df598f439b9602bfec90eb2c2a654dbb3bd1922ad1d768d6ca3aef58c825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10050
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 09 Sep 2020 08:28:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"bbc-5f58922c-ba7ac43bb2ddc82b;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa3ab06-YYZ
expires: Mon, 27 May 2024 15:26:43 GMT

GET
H3 200 cms-navigation.css
www.cira.ca/plugins/wpml-cms-nav/res/css/ 2 KB
1 KB 78ms
74ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/wpml-cms-nav/res/css/cms-navigation.css?ver=1.5.5

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7391b5c06a56e0f70f64b89ed9d42fd6ccc2efed6ea005237c39dc451ed681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10201
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 09 Sep 2020 08:28:28 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"946-5f58922c-64ec4ad475fbce18;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa5ab06-YYZ
expires: Mon, 27 May 2024 15:26:43 GMT

GET
H3 200 jquery.min.js Show response
www.cira.ca/wordpress/wp-includes/js/jquery/ 86 KB
31 KB 79ms
74ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 366550
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
x-litespeed-tag: www.cira.ca_JS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"15601-64ecd5ef-29cd3e72ed556896;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa6ab06-YYZ
expires: Thu, 23 May 2024 08:15:48 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.cira.ca/wordpress/wp-includes/js/jquery/ 13 KB
5 KB 94ms
90ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 574415
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"3509-6482bd64-8a908ba2a5edf5e;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa7ab06-YYZ
expires: Tue, 21 May 2024 06:31:38 GMT

GET
H3 200 underscore.min.js Show response
www.cira.ca/wordpress/wp-includes/js/ 18 KB
8 KB 95ms
91ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"4991-63331441-9d740d361ecbdcdb;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa8ab06-YYZ
expires: Wed, 22 May 2024 07:00:02 GMT

GET
H3 200 backbone.min.js Show response
www.cira.ca/wordpress/wp-includes/js/ 24 KB
9 KB 95ms
92ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/js/backbone.min.js?ver=1.5.0

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
x-litespeed-tag: www.cira.ca_JS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Fri, 11 Aug 2023 16:12:21 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"5e4c-64d65de5-38c161e0b56e091a;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aa9ab06-YYZ
expires: Mon, 27 May 2024 11:15:38 GMT

GET
H3 200 front-end-deps.js Show response
www.cira.ca/plugins/ninja-forms/assets/js/min/ 71 KB
20 KB 96ms
92ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.7.0-alpha.1

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb90dc3c81cd2cc988c6ea608fd2fde3f6035f827e3c43d501656894844b934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
x-litespeed-tag: www.cira.ca_JS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Fri, 17 Nov 2023 16:44:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"11c85-65579853-6701bab1a33b8508;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aaaab06-YYZ
expires: Thu, 23 May 2024 06:35:08 GMT

GET
H3 200 front-end.js Show response
www.cira.ca/plugins/ninja-forms/assets/js/min/ 101 KB
23 KB 100ms
96ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.7.0-alpha.1

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec8981bf19b91cfe93cdf05505d253eea1a6aa8aeb5a6c47542f03eafc8fad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
x-litespeed-tag: www.cira.ca_JS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Fri, 17 Nov 2023 16:44:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"19570-65579853-b54ecc2d0850437a;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aacab06-YYZ
expires: Mon, 27 May 2024 11:15:38 GMT

GET
H3 200 nf-webhooks.js Show response
www.cira.ca/mu-plugins/cira/resources/scripts/ 379 B
757 B 101ms
97ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/mu-plugins/cira/resources/scripts/nf-webhooks.js?ver=202204111322

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c9e63904f6c360613152e04ff7ef85b2a8f0ac713fd1f9515b1dce3a84b32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 577432
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"17b-6633b642-2aff0187ca27e9a0;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aadab06-YYZ
expires: Wed, 22 May 2024 05:18:25 GMT

GET
H3 200 front-end.js Show response
www.cira.ca/plugins/ninja-forms-conditionals/assets/js/min/ 38 KB
10 KB 101ms
98ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-conditionals/assets/js/min/front-end.js?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

285901d045753c7cb137e35a37172e6198491edfe9584111c64a5a3bbfc144cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Wed, 21 Apr 2021 09:29:14 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"96cf-607ff06a-969cb4da7b71d665;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aaeab06-YYZ
expires: Mon, 27 May 2024 15:19:22 GMT

GET
H3 200 nf-analytics.js Show response
www.cira.ca/themes/cira/static/assets/scripts/ 1 KB
1 KB 112ms
109ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/themes/cira/static/assets/scripts/nf-analytics.js?ver=15.15.15

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579075681296d080e1b74e3f528b1a406e95a1e69ad29737ecdfdbfc68291363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"5e3-6633b642-b1df071f873cca6f;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82aafab06-YYZ
expires: Mon, 27 May 2024 04:29:50 GMT

GET
H3 200 nf-validation.js Show response
www.cira.ca/mu-plugins/cira/resources/scripts/ 6 KB
2 KB 113ms
110ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/mu-plugins/cira/resources/scripts/nf-validation.js?ver=202204111322

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ea453ff7e04ba207dbf6e519c68ac7948997bf61d579ecf135b1ec2af84c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 574415
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"16e6-6633b642-7a115d0133a63f55;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82ab1ab06-YYZ
expires: Wed, 22 May 2024 02:34:09 GMT

GET
H3 200 front-end.js Show response
www.cira.ca/plugins/ninja-forms-multi-part/assets/js/min/ 12 KB
4 KB 113ms
110ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-multi-part/assets/js/min/front-end.js?ver=3.0.26

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8b2714b548e2bcf132fdb1e061a740d5ad779ae2106b0064986b1c4065e9019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Fri, 17 Nov 2023 16:44:46 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"3106-6557987e-e860c2312a4de39c;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82ab2ab06-YYZ
expires: Sun, 26 May 2024 20:29:36 GMT

GET
H3 200 front-end.js Show response
www.cira.ca/plugins/ninja-forms-style/layouts/assets/js/min/ 8 KB
3 KB 114ms
111ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-style/layouts/assets/js/min/front-end.js?ver=3.0.29

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc228e912765cf8289347e62db1643b7efd84f84483d4e550ae97649f882dc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 579939
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Mon, 15 Feb 2021 08:48:30 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"1f1f-602a355e-4ed729656c1156d9;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82ab3ab06-YYZ
expires: Tue, 21 May 2024 04:52:25 GMT

GET
H3 200 nf-wphooks.js Show response
www.cira.ca/mu-plugins/cira/resources/scripts/ 377 B
758 B 114ms
111ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/mu-plugins/cira/resources/scripts/nf-wphooks.js?ver=202204111322

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160ed19ebb182edaaacb6da6e34c2559144779a35cc72d3bc8596775de7731e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 507542
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"179-6633b642-93fbbf933a05895;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82ab6ab06-YYZ
expires: Tue, 28 May 2024 11:25:59 GMT

GET
H3 200 language-cookie.js Show response
www.cira.ca/plugins/wpml-sitepress-multilingual-cms/res/js/cookies/ 271 B
645 B 33ms
33ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/wpml-sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.5

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10201
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 02 Aug 2023 12:37:34 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"10f-64ca4e0e-f9c7f7257b3248d9;br"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca8eb24ab06-YYZ
expires: Mon, 27 May 2024 11:38:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 367 KB
112 KB 85ms
84ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c4726314ff0c721eae691da1efb81bb153d3c86b927c5ace3091941a076f2a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114787
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H3 200 main.css
www.cira.ca/themes/cira/static/assets/styles/ 125 KB
21 KB 36ms
36ms Stylesheet
text/css 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/themes/cira/static/assets/styles/main.css?ver=15.15.15

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeadebdfa442cbb64742cfcf833991432ace586ce915a2974410f78db970f0ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10050
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
x-litespeed-tag: www.cira.ca_CSS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"1f44a-6633b642-b8b8937f7468ea2b;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca8eb27ab06-YYZ
expires: Tue, 28 May 2024 14:12:06 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
966 B 140ms
55ms Script
text/javascript 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&onload=nfRenderRecaptcha&render=explicit&ver=3.7.0-alpha.1

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

GSE /

Resource Hash

10af60bd66a63ce357c21b135f38870e18bd67162a4a5988ccb28290c3943c56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H3 200 api-request.min.js Show response
www.cira.ca/wordpress/wp-includes/js/ 1023 B
1 KB 108ms
106ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/js/api-request.min.js?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 542811
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"3ff-625095f6-31674ae76a109f7c;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca82ab8ab06-YYZ
expires: Wed, 22 May 2024 10:29:20 GMT

GET
H3 200 wp-api.min.js Show response
www.cira.ca/wordpress/wp-includes/js/ 14 KB
5 KB 108ms
106ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/wordpress/wp-includes/js/wp-api.min.js?ver=6.4.2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 3112
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"395a-63dbe690-6ca441bd7c69379b;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca83ab9ab06-YYZ
expires: Mon, 03 Jun 2024 07:33:09 GMT

GET
H3 200 front-end.min.js Show response
www.cira.ca/plugins/ninja-forms-save-progress/assets/js/min/ 11 KB
4 KB 109ms
106ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/ninja-forms-save-progress/assets/js/min/front-end.min.js?ver=3.0.27

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

354c9fce63f49a64a4412b73cef464aa7865f0f0bcea6b182ecb5bf2a174bf0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 6203
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 08 Feb 2023 19:34:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"2bb8-63e3f942-9c641c32a4b33ee8;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca83abaab06-YYZ
expires: Mon, 27 May 2024 17:44:22 GMT

GET
H3 200 cira-filters.js Show response
www.cira.ca/mu-plugins/cira/resources/scripts/ 7 KB
3 KB 109ms
107ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/mu-plugins/cira/resources/scripts/cira-filters.js?ver=202204111322

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd63c3f96a7ef8ba66e5f8ca0ba6a6932b4ae1d1776d3540b5840df9e9a8115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 581175
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: miss
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"1a64-6633b642-ee097bc7d9a8f99;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca83abbab06-YYZ
expires: Mon, 27 May 2024 14:58:46 GMT

GET
H2 200 24135147.js Show response
js.hs-scripts.com/ 1 KB
1 KB 118ms
65ms Script
application/javascript 104.16.138.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24135147.js?integration=WordPress&ver=10.2.17

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.138.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a303bcf882c68c9b712005b4fa6f1380c79f433bc8837d3cba65892e07416303

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 805607f9-e062-424a-863e-104a519ee245
x-envoy-upstream-service-time: 5
content-length: 586
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 805607f9-e062-424a-863e-104a519ee245
last-modified: Mon, 27 May 2024 08:20:47 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cira.ca
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-m28qb
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 88a49ca88fbe36c9-YYZ
expires: Mon, 27 May 2024 08:26:31 GMT

GET
H3 200 instant_click.min.js Show response
www.cira.ca/plugins/litespeed-cache/assets/js/ 4 KB
2 KB 109ms
107ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=5.7.0.1

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10050
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Wed, 25 Oct 2023 17:53:10 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"e63-65395606-463dcc3baf7a8aa5;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca83abdab06-YYZ
expires: Mon, 27 May 2024 15:26:43 GMT

GET
H3 200 app.js Show response
www.cira.ca/themes/cira/static/assets/scripts/ 434 KB
150 KB 43ms
42ms Script
application/x-javascript 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/themes/cira/static/assets/scripts/app.js?ver=15.15.15

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b1044936351f36808a1e175020bb2b05524a7909520f1b48b4fa7faca26f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 10050
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"6c7de-6633b642-25a608600ace9f69;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca8eb26ab06-YYZ
expires: Tue, 28 May 2024 14:12:06 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
971 B 139ms
56ms Script
text/javascript 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdWM-kkAAAAAAOIrYg5ngG46QtbjZZiJQEnoyYj&hl=en

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

GSE /

Resource Hash

6331f81182a10e9ee365363c220469d03be36fd8b5075bf0d04e8b672e124ebc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H3 200 sprite.svg
www.cira.ca/themes/cira/static/assets/svgs/ 14 KB
5 KB 32ms
31ms Other
image/svg+xml 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/themes/cira/static/assets/svgs/sprite.svg

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016d7c97e2a432a71aba509d2b7f46dff71a98caa89eecf3ed69d54783c29884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 581040
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"3800-6633b642-50d3afeb22c4b7eb;br"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
cf-ray: 88a49ca8eb28ab06-YYZ
expires: Mon, 27 May 2024 15:01:01 GMT

GET
H2 200 embed-loader-min.js Show response
e.infogram.com/js/dist/ 11 KB
5 KB 127ms
36ms Script
application/javascript 18.154.227.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e.infogram.com/js/dist/embed-loader-min.js

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-128.iad55.r.cloudfront.net

Software

nginx /

Resource Hash

7a97c768969f73cb3d2dd6f04907f76eb3365be64d8a69d84b98a51ea244c2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 70e40bc3fbbdbf0242115d0ef383be56.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 2250
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 27 May 2024 07:06:24 GMT
server: nginx
etag: W/"2d5b-18fb8df2980"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=86400, public
timing-allow-origin: *
x-amz-cf-id: WtjNe85OlDlWNY5c9KVHwth81Pv0mHYsco7yPrX48bveuwpe-0jUjA==
expires: Tue, 28 May 2024 07:47:31 GMT

GET
H3 200 PPNeueMontreal-Regular.woff2
www.cira.ca/themes/cira/static/fonts/ 28 KB
29 KB 39ms
36ms Font
font/woff2 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/themes/cira/static/fonts/PPNeueMontreal-Regular.woff2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d3f9901ee27b047a43a8b0c322dead62fa52bcb2d01ba2287acd5f851a9221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Origin: https://www.cira.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 581040
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
content-length: 29045
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: "7175-6633b642-eb799cdb815e1957;;;"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
accept-ranges: bytes
cf-ray: 88a49ca93b52ab06-YYZ
expires: Mon, 27 May 2024 15:01:01 GMT

GET
H3 200 PPNeueMontreal-Medium.woff2
www.cira.ca/themes/cira/static/fonts/ 30 KB
31 KB 34ms
31ms Font
font/woff2 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/themes/cira/static/fonts/PPNeueMontreal-Medium.woff2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b454c4498eaa5b4b4e87abdf9279be749d93c839a21567698c65752ec713ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/en/?post_type=page&p=41471
Origin: https://www.cira.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none;
age: 580896
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
content-length: 30958
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
last-modified: Thu, 02 May 2024 15:50:26 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: "78ee-6633b642-436183fdd48ed1f5;;;"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=604800
permissions-policy: geolocation=(self), payment=(self)
accept-ranges: bytes
cf-ray: 88a49ca93b54ab06-YYZ
expires: Fri, 24 May 2024 18:20:41 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ 522 KB
207 KB 123ms
38ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&onload=nfRenderRecaptcha&render=explicit&ver=3.7.0-alpha.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

b0e3acc54460721385d2e472dda7288382f2766a06b38d2e732d034619f9b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Origin: https://www.cira.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 14:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211646
x-xss-protection: 0
last-modified: Mon, 20 May 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 May 2025 14:13:42 GMT

GET
H3 200 / Show response
www.cira.ca/en/wp-json/wp/v2/ 171 KB
10 KB 62ms
57ms XHR
application/json 104.22.74.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cira.ca/en/wp-json/wp/v2/

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.74.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

265e9923df08abc4d148689907120cb468583fc9b7d85ae8130753cb84c990e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cira.ca/en/?post_type=page&p=41471
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none;
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block;
referrer-policy: strict-origin-when-cross-origin
x-lsadc-cache: hit
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups;
etag: W/"1187688-1716798136;;;"
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
permissions-policy: geolocation=(self), payment=(self)
x-robots-tag: noindex
link: <https://www.cira.ca/en/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 88a49ca95b6aab06-YYZ

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 89ms
25ms Script
application/javascript 104.17.223.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24135147.js?integration=WordPress&ver=10.2.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
x-amz-version-id: 3uRfq0xkxtJ5qmNotyFivu_Hfg8U.PRS
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 36
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.562/bundles/pixels-release.js&cfRay=88a49bc528d5aab6-YYZ
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 7a19320c-cf7e-428e-b247-ec43f3b6f9dd
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7a19320c-cf7e-428e-b247-ec43f3b6f9dd
last-modified: Thu, 23 May 2024 14:45:23 UTC
server: cloudflare
etag: W/"8c40e1f5f100c96c8a0884459629fdec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: MISS
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
cf-ray: 88a49ca9bee336cc-YYZ
x-amz-cf-id: x4C1yLrfxokg4p3FZi08UI6c215tgc0RUgPW_Owwrqd7LZj7Xh6P-w==
x-hs-target-asset: adsscriptloaderstatic/static-1.562/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/24135147/ 71 KB
26 KB 90ms
27ms Script
text/javascript 104.18.34.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/24135147/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24135147.js?integration=WordPress&ver=10.2.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a7291f5d596150047507ffe70e5550f8a2a3e1128cf83200ffa037230646a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
x-amz-version-id: G6WZhcT4W7Z0osvZuPBG50f7BuSgBRuU
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ZHEA274M250R9YRV
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 92e7d8d1-e082-45a4-a1be-b55ca7548c95
age: 253
x-envoy-upstream-service-time: 50
x-amz-id-2: tuKMM37b4uibLZTIkZsnYtdqf0uf2+AUlb0nrMmwK8j9yTtuf7I75KytgUcQxVYbIG9TcuubT1w=
x-evy-trace-listener: listener_https
x-request-id: 92e7d8d1-e082-45a4-a1be-b55ca7548c95
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 17:12:05 GMT
server: cloudflare
etag: W/"f9bf731e156f9cf3c6c651d17bf63ba5"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.cira.ca
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 88a49ca9ac20aac2-YYZ
expires: Mon, 27 May 2024 08:25:48 GMT

GET
H2 200 24135147.js Show response
js.hs-analytics.net/analytics/1716798300000/ 67 KB
24 KB 137ms
82ms Script
text/javascript 104.17.175.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1716798300000/24135147.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/24135147.js?integration=WordPress&ver=10.2.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0404d05625dc8468f3dc75083dfbe0efa29215a26191264d210d0790b7dfaf3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 9W75AB4ZDJ2WNZRM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 9f82c497-611e-4b72-9e9f-88ce0507b92e
x-envoy-upstream-service-time: 20
x-amz-id-2: mH8+sT9Uty4bpTqF6jWL0Wmwd/NUbATEZ/b5xMyd3BnfS1fmqbFLDw8A/u0IkHzuEWJ2FLHQlGc=
x-evy-trace-listener: listener_https
x-request-id: 9f82c497-611e-4b72-9e9f-88ce0507b92e
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 May 2024 16:26:49 GMT
server: cloudflare
etag: W/"ae6d39d1488eb7d9bc69b97a1c34bd23"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 88a49ca9af4bac0c-YYZ
expires: Mon, 27 May 2024 08:30:01 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 104ms
41ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-H5VP7LWWHS&gtm=45je45m0v875372356za200&_p=1716798301462&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=390619008.1716798302&ecid=926327363&ul=en-ca&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&sid=1716798301&sct=1&seg=0&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&dt=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1101
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5VP7LWWHS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cira.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 124ms
45ms Ping
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5VP7LWWHS&cid=390619008.1716798302&gtm=45je45m0v875372356za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5VP7LWWHS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cira.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 89ms
47ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5VP7LWWHS&cid=390619008.1716798302&gtm=45je45m0v875372356za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1883561120

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
89 KB 55ms
54ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-612145349&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d78dff951b4797b39073abf99070bcc12327b8b218b7af91dab1f937f88705a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91345
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 57ms
57ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-989199633&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

307ca579c82fe960694bb92d96618651300569139eda8903759bc3d64446cfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83427
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 122ms
35ms Script
application/javascript 23.218.218.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.170 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-170.deploy.static.akamaitechnologies.com

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=15333
accept-ranges: bytes
content-length: 16683

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 54ms
54ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10329013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

584eede42c52bc6426db081c13875e2198c9857dbe11574ace4e0d613bfca8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74144
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H2 200 24135147.js Show response
js.hs-scripts.com/ 1 KB
800 B 97ms
97ms Script
application/javascript 104.16.138.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/24135147.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.138.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0a20d6aaae6aca5924b12f1b341554d8642403928821e32106b16c3a480ca42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8e55862a-f370-4a2c-91ae-c6ce0ed50f5b
x-envoy-upstream-service-time: 4
content-length: 589
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8e55862a-f370-4a2c-91ae-c6ce0ed50f5b
last-modified: Mon, 27 May 2024 08:20:48 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cira.ca
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-gslvj
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 88a49cab08db36c9-YYZ
expires: Mon, 27 May 2024 08:26:31 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 120ms
36ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 08:25:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: b+5TR7Ovdo8zyxhZh7s3JlqRUGGvscN2fE6hvX6zFc+/cuo0M+0dP57yrM55RRXytMB9MDF4e797vTLQnrr6kg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-3705975.js Show response
static.hotjar.com/c/ 9 KB
4 KB 199ms
116ms Script
application/javascript 18.160.41.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3705975.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-58.iad55.r.cloudfront.net

Software

Resource Hash

773dcbb6352a992a8b5ffcb740e4c088946aabf143bee0854468c5ddb915ad8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/4149bd2d1050302f8a245a13723f9143
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: s0gS9sizG7666iNF1wtWDNo6ELMOJ9RXR2VBCQTsW-N2vlNJbYz79g==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 57ms
57ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11468869269&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2f7cf2e229eda2d5c7195c48fc82e75fe4660ad550e83ff61a63c1028bf6a28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85100
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:01 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 132ms
50ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 27 May 2024 08:25:01 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 724343EC13364402A28595122EAB7325 Ref B: YTO01EDGE0818 Ref C: 2024-05-27T08:25:02Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 61ms
18ms Script
application/javascript 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 22 May 2024 17:01:28 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12104

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 74ms
28ms Script
application/javascript 104.18.128.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.128.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: gzip
via: 1.1 e830c64a8809a708404ba54d59d32214.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: YUL62-C1
age: 161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 88a49cab5dea5419-YYZ
x-amz-cf-id: hyI_E7gQ0G3T3PDnF_7pH-xwbLpktDR6YffdrtfYJ_88kgw5ahzmuA==

GET
H2 200 highlight.js Show response
cdn.schemaapp.com/javascript/ 35 KB
11 KB 386ms
42ms Script
application/javascript 18.160.18.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.schemaapp.com/javascript/highlight.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB3G4GX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-117.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e8033d6b994f0e312cf49b282c4440d09d27a35197be0f17be8a2f72b42d1c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: giO6NlNZyvH.z3_zRdQ9fDQhFQB.pnqP
content-encoding: gzip
via: 1.1 7a5e7fb63610c502e6d20ae459e78942.cloudfront.net (CloudFront)
date: Mon, 27 May 2024 07:00:54 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: IAD12-P4
age: 5049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 May 2024 19:34:21 GMT
server: AmazonS3
etag: W/"367583a98ad9203c9df6db1b1d68f8da"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: 9OotQSttf8bGHgPs_4-Eoz_xdQYMiQcFhIXBK7InhD9HrkifACpfVw==

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=tipkc45&ct=0:4g5162e&fmt=3&gtmcb=58385069
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjczMDhjOTctMjkwYi00Njk2LWE3ZWUtMjk2ZDkzZGRiNWUy&gdpr=0&gdpr_consent=&ttd_tdid=f7308c97-290b-4696-a7ee-296d9...

0
0

GET

getuid
ib.adnxs.com/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=iyu6owe&ct=0:hbf5fos&fmt=3/
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d7747636-5e28-4110-bd5f-f9c5eb6e050a

0
0

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1608882&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608882%26t%3D2

43 B
1 KB

37ms
36ms

Image
image/gif

68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608882%26t%3D2

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Server

68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.cira.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:03 GMT
an-x-request-uuid: fdb903ef-78d5-45c7-be89-2735d2b430ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 154.47.17.2; 154.47.17.2; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:03 GMT
an-x-request-uuid: f2132b8b-6133-4f9a-9ac9-94b1a4ea35c2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1608882%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 154.47.17.2; 154.47.17.2; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1 KB 15498ms
95ms XHR
application/json 104.18.241.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=24135147

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.241.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914246303f81f93c09b8558bcdceaeef4c63b4a5d9a7dfb4f5c7d0f611818767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d25ab201-cb94-469c-9494-ddf99dc6d363
content-encoding: br
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d25ab201-cb94-469c-9494-ddf99dc6d363
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cira.ca
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-l2tws
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BNAD8GXvuNuJrRjPrf8HVBEwTpgNd8D0a7AcXZbXxcC4U3sq%2FFfpONGW36Lw0tVOGS48SEgf9K5pYe2hFHRwljYBWrA%2B1mLBN1Ir%2Bhz4Ktbb6%2FXNqck0sM%2BLDptuPf0"}],"group":"cf-nel","max_age":604800}
cf-ray: 88a49d0b7853ab00-YYZ
access-control-allow-headers: *

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 42ms
41ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-H5VP7LWWHS&gtm=45je45m0v875372356z8812674820za200&_p=1716798301462&gcd=13l3l3l3l1&npa=0&dma=0&cid=390619008.1716798302&ecid=926327363&ul=en-ca&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EAAC&_s=2&sid=1716798301&sct=1&seg=1&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&dt=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&en=page_view&_et=118&tfd=1244
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5VP7LWWHS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cira.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 4E9E 0
0 136ms
64ms Document
text/html 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdWM-kkAAAAAAOIrYg5ngG46QtbjZZiJQEnoyYj&co=aHR0cHM6Ly93d3cuY2lyYS5jYTo0NDM.&hl=en&v=joHA60MeME-PNviL59xVH9zs&size=invisible&cb=c047cefu2gpd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KZZr9ZOylxeBpOVVoW9iaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.cira.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KZZr9ZOylxeBpOVVoW9iaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 May 2024 08:25:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_106xdnq7/ 3 B
124 B 64ms
20ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_106xdnq7/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_106xdnq7_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 314ms
24ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_106xdnq7_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET rp.gif
alb.reddit.com/ 0
0

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
496 B 414ms
117ms Script
application/javascript 104.17.31.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=66298092&u=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.31.174 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

176eb55464bfb5e6ce8450e3777cdc51aa7d174ae707b4e18ec90407492f9c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 68
cf-ray: 88a49cadd87fac3c-YYZ

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/612145349/ 3 KB
1 KB 136ms
60ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/612145349/?random=1716798302096&cv=11&fst=1716798302096&bg=ffffff&guid=ON&async=1&gtm=45be45m0v893367270z8812674820za200zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612145349&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

38832228df81d927f2f9042732c76827673f4fc55851c3d3bbcfd9123f35ec4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1467
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16459851949/ 3 KB
1 KB 134ms
62ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16459851949/?random=1716798302109&cv=11&fst=1716798302109&bg=ffffff&guid=ON&async=1&gtm=45be45m0v893367270z8812674820za200zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612145349&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

b5d3d4557050d52c566aa3f0f9464eb8239f100ea38d83c6f210924512631f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CI_a1Ie0rYYDFewTdgYd9EIJdA;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0....
10329013.fls.doubleclick.net/ Frame 2319
Redirect Chain

https://10329013.fls.doubleclick.net/activityi;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125...
https://10329013.fls.doubleclick.net/activityi;dc_pre=CI_a1Ie0rYYDFewTdgYd9EIJdA;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;ua...

0
0

100ms
99ms

Document
text/html

142.251.167.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10329013.fls.doubleclick.net/activityi;dc_pre=CI_a1Ie0rYYDFewTdgYd9EIJdA;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z8812674820za201zb812674820;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10329013&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.cira.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 422
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 May 2024 08:25:02 GMT
expires: Mon, 27 May 2024 08:25:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 May 2024 08:25:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10329013.fls.doubleclick.net/activityi;dc_pre=CI_a1Ie0rYYDFewTdgYd9EIJdA;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z8812674820za201zb812674820;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CCh...
ad.doubleclick.net/ 0
23 B 174ms
97ms Image
image/png 142.250.31.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10329013;type=hp;cat=na_pu0;ord=7257619408242;npa=0;auiddc=1052163440.1716798302;ps=1;pcor=1160909622;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z8812674820za201zb812674820;gcd=13l3l3l3l1;dma=0;epver=2;~oref=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471?

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9086705573322596446"}],"aggregatable_trigger_data":[{"filters":[{"14":["10243887"]}],"key_piece":"0x84c740eb8c3b9bb3","source_keys":["12","13","14","15","16","17","18","19","20","21","14571020","14571021","14571022","14571023","14572348","14572349","14572350","14572351","628818856","628818857","628818858","628818859","628881576","628881577","628881578","628881579"]},{"key_piece":"0x688e5c3e26331c57","not_filters":{"14":["10243887"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","14571020","14571021","14571022","14571023","14572348","14572349","14572350","14572351","628818856","628818857","628818858","628818859","628881576","628881577","628881578","628881579"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"14571020":327,"14571021":327,"14571022":327,"14571023":31784,"14572348":327,"14572349":327,"14572350":327,"14572351":31784,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628818856":218,"628818857":218,"628818858":218,"628818859":21189,"628881576":655,"628881577":655,"628881578":655,"628881579":63569},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2203122339975583441","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"source_type":["event"]},{"14":["10243887"],"24":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"23":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"0"},{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"25":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"2"},{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"26":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"3"},{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"27":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"4"},{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"28":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"5"},{"deduplication_key":"9086705573322596446","filters":[{"14":["10243887"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9086705573322596446","filters":[{"source_type":["event"]},{"23":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9086705573322596446","filters":[{"24":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"1"},{"deduplication_key":"9086705573322596446","filters":[{"25":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"2"},{"deduplication_key":"9086705573322596446","filters":[{"26":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"3"},{"deduplication_key":"9086705573322596446","filters":[{"27":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"4"},{"deduplication_key":"9086705573322596446","filters":[{"28":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"5"},{"deduplication_key":"9086705573322596446","filters":[{"29":["10243887"],"source_type":["navigation"]}],"priority":"0","trigger_data":"6"},{"deduplication_key":"9086705573322596446","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10329013"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/989199633/ 3 KB
1 KB 74ms
51ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/989199633/?random=1716798302156&cv=11&fst=1716798302156&bg=ffffff&guid=ON&async=1&gtm=45be45m0z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-989199633&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

73e30e6e52a4d2f36f72dcc0b2b7ea1bf43b6b59755cb45ece657c07a52e03f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1444
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 460ms
137ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:01 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8576377E80664C29B32B8D8EC60BD13A Ref B: YTO01EDGE0809 Ref C: 2024-05-27T08:25:02Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYZa0D5C0f/Bpvu1U/3lw==
x-fs-uuid: 0006196b40f90b47ff069beed54ff797

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1395794%26time%3D1716798302163%26url%3Dhttps%253A%252F%252Fwww.cira.ca%252Fen%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&cookiesTest=true&liSync=true

0
163 B

116ms
116ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&cookiesTest=true&liSync=true
Requested by: Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.cira.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Mon, 27 May 2024 08:25:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 33E20F30CB49457BABB6725A1DE144CC Ref B: YTO01EDGE0815 Ref C: 2024-05-27T08:25:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYZa0Eqh1lYFmz2PD6oCA==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 27 May 2024 08:25:04 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYZa0EokDOMl+kq8NmUvg==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B4E4D9142E824FCBA01CE759872EB397 Ref B: YTO01EDGE0815 Ref C: 2024-05-27T08:25:05Z
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1395794&time=1716798302163&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
564 B 3258ms
81ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.cira.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D12984346CC2437AB273C6B8BAB39AE5 Ref B: YTO01EDGE0815 Ref C: 2024-05-27T08:25:05Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.cira.ca
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYZa0EkhWofL2Xlfn1eqA==

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11468869269/ 3 KB
2 KB 97ms
54ms Script
text/javascript 142.251.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11468869269/?random=1716798302182&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&label=ZBOKCLWxlocZEJWd5Nwq&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11468869269&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f155.1e100.net

Software

cafe /

Resource Hash

5d1bfb130d35cc52e2e532f788c9ec009dbcca539b7a2f031a8996e966a4395a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 343114390.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 51ms
50ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343114390.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a4b204fbf363c9b9202e668630cfbaf6b164c101ce399dac22046ca6256851e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 27 May 2024 08:25:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EBDF2DBFA7BB4F1A8981D822D986EA1D Ref B: YTO01EDGE0818 Ref C: 2024-05-27T08:25:02Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
361 B 61ms
61ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343114390&tm=gtm002&Ver=2&mid=72aa2a5f-da1f-4225-b5cc-6d7574873e34&sid=9d0a54401c0211efb9dcadd3207625b9&vid=9d0a64c01c0211ef82ab05ba1de33c1a&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&p=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&r=&lt=980&evt=pageLoad&sv=1&rn=438438

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 May 2024 08:25:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC8A8B37BACC43B9835E5654D7460C17 Ref B: YTO01EDGE0818 Ref C: 2024-05-27T08:25:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 386382131989910 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 84ms
83ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/386382131989910?v=2.9.156&r=stable&domain=www.cira.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

052a54a46268802a066953130df40027e76b48110238c1f11e16a4a9e0b004a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 08:25:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=62, mss=1380, tbw=63376, tp=-1, tpl=-1, uplat=47, ullat=0
pragma: public
x-fb-debug: j566k5uoHUrPCBm/HaScfhUtsjKWctUUHDFsf6wGXq0wpWzWGDnmIGkQYksgR2y95gi+fcvXXNRZAWkpAF/UAA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.3b9efc26f753310c2bd8.js Show response
script.hotjar.com/ 222 KB
55 KB 7219ms
59ms Script
application/javascript 99.84.191.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3b9efc26f753310c2bd8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3705975.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-43.iad89.r.cloudfront.net

Software

Resource Hash

e38a10b784bbab6bd44a898366d659442244b7cb36a0550b4b5f3bf45ee62ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 07:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d19e64e406af1f88f7f96d9dcb2393ca.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 1862
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56148
last-modified: Mon, 27 May 2024 07:53:39 GMT
etag: "d223bb14f15e526ab6bce727b9d2ca28"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nnU2_HU3mjnT2hp55eEri6RhnMRWzOuBIMIgryepW0RER0HO6bszDg==

GET
H3 200 /
www.google.com/pagead/1p-user-list/989199633/ 42 B
64 B 54ms
54ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/989199633/?random=1716798302156&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLLNjMqXsWHuovyDPMehn1eiOSp-LkPw&random=2778502406&rmt_tld=0&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/989199633/ 42 B
64 B 51ms
50ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/989199633/?random=1716798302156&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLLNjMqXsWHuovyDPMehn1eiOSp-LkPw&random=2778502406&rmt_tld=1&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/612145349/ 42 B
64 B 50ms
48ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/612145349/?random=1716798302096&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v893367270z8812674820za200zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLHTZ8CQMwIgiMs9zdWr21pIplQht4Ww&random=2985800021&rmt_tld=0&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/612145349/ 42 B
64 B 51ms
50ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/612145349/?random=1716798302096&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v893367270z8812674820za200zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLHTZ8CQMwIgiMs9zdWr21pIplQht4Ww&random=2985800021&rmt_tld=1&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 343114390 Show response
www.clarity.ms/tag/uet/ 816 B
1 KB 1237ms
88ms Script
application/x-javascript 13.107.246.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343114390
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343114390.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 665259ac6c27605e30adc98ca6d6db34f54493b780195f191892d7a1b778bcbf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 27 May 2024 08:25:03 GMT
x-azure-ref: 20240527T082503Z-1649b6bcb4c5dr9bvr5y9t21z40000000200000000004g3x
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 816
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 /
www.google.com/pagead/1p-user-list/16459851949/ 42 B
64 B 52ms
51ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16459851949/?random=1716798302109&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v893367270z8812674820za200zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL988uCkhsse7ddn_0-lSZluyh2flBsQ&random=3064541203&rmt_tld=0&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/16459851949/ 42 B
64 B 49ms
49ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/16459851949/?random=1716798302109&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v893367270z8812674820za200zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL988uCkhsse7ddn_0-lSZluyh2flBsQ&random=3064541203&rmt_tld=1&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1164919620832151 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 72ms
71ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1164919620832151?v=2.9.156&r=stable&domain=www.cira.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

9905ff652e469a6375fc6f14f98144e0655265c6e581980e21bdb1b0523c9889

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 08:25:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4321, tp=9, tpl=0, uplat=35, ullat=0
pragma: public
x-fb-debug: PIwPN62eClELPCuhVM3ljFOYVwLf0MpBgug9NYz8XDR4vJYFWZ0N7F9RpxkuQW93U+JIZetxUNzYESXFJzVN/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 275ms
36ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=386382131989910&ev=PageView&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&rl=&if=false&ts=1716798302330&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1716798302326.347608295&cs_est=true&ler=empty&cdl=API_unavailable&it=1716798302227&coo=false&tm=1&rqm=GET

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 08:25:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 293ms
70ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=386382131989910&ev=PageView&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&rl=&if=false&ts=1716798302330&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1716798302326.347608295&cs_est=true&ler=empty&cdl=API_unavailable&it=1716798302227&coo=false&tm=1&rqm=FGET

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9f06c90762820234","source_keys":["1","2"]},{"key_piece":"0x8f60f4bf798e0c65","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 08:25:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=3145, tp=-1, tpl=-1, uplat=34, ullat=0
pragma: no-cache
x-fb-debug: mwNjIKxpznAbH0B7AXoIoDDrMB+ravmK0BLFO0ep6Z59+gfFJXbHdrefea7K3yfsAusal8HZRaNHDalbEa15VQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aHR0cHM6Ly93d3cuY2lyYS5jYQ Show response
cdn.schemaapp.com/highlighter/prod/v2/ 2 B
610 B 378ms
56ms Fetch
application/json 18.160.18.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.schemaapp.com/highlighter/prod/v2/aHR0cHM6Ly93d3cuY2lyYS5jYQ

Requested by

Host: cdn.schemaapp.com
URL: https://cdn.schemaapp.com/javascript/highlight.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-117.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 06:50:28 GMT
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
via: 1.1 7b5972b440c3b8ed7f221569a5195fa4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: IAD12-P4
age: 5675
x-cache: Error from cloudfront
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
server: AmazonS3
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-source,x-amz-meta-accountid,x-amz-meta-url
accept-ranges: bytes
x-amz-cf-id: zZE7oY6h10686r1bky7pmE8NNR9Yi3kN8vInNpmRmpsbc424vDtunw==

GET
H3

200

/
www.google.ca/pagead/1p-conversion/11468869269/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&...
https://www.google.com/pagead/1p-conversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&...
https://www.google.ca/pagead/1p-conversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u...

42 B
64 B

52ms
52ms

Image
image/gif

142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&label=ZBOKCLWxlocZEJWd5Nwq&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&value=0&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI34LXh7SthgMVlC9oCB1AiAeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FGh0dHBzOi8vd3d3LmNpcmEuY2Ev&is_vtc=1&cid=CAQSKQDaQooLx6es0zFBPNw65LQBlgDQgEyUyLLra5DrW6coRB8cMMqxa2NW&eitems=ChEI8N7QsgYQ6Z2biKTljda5ARIdANID60sms0ywduTZCz5TfPIkJApaJwLuhhrSBak&random=2729091228&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.cira.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ca/pagead/1p-conversion/11468869269/?random=1585414559&cv=11&fst=1716798302182&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9174838811z8812674820za201zb812674820&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&label=ZBOKCLWxlocZEJWd5Nwq&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&value=0&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQJKJ2V2ZW50LXNvdXJjZSwgdHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI34LXh7SthgMVlC9oCB1AiAeXMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FGh0dHBzOi8vd3d3LmNpcmEuY2Ev&is_vtc=1&cid=CAQSKQDaQooLx6es0zFBPNw65LQBlgDQgEyUyLLra5DrW6coRB8cMMqxa2NW&eitems=ChEI8N7QsgYQ6Z2biKTljda5ARIdANID60sms0ywduTZCz5TfPIkJApaJwLuhhrSBak&random=2729091228&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 111ms
37ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=386382131989910&ev=PageView&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&rl=&if=false&ts=1716798302407&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1716798302326.347608295&cs_est=true&ler=empty&cdl=API_unavailable&it=1716798302227&coo=false&rqm=GET

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 08:25:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
276 B 56ms
54ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=386382131989910&ev=PageView&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&rl=&if=false&ts=1716798302407&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1716798302326.347608295&cs_est=true&ler=empty&cdl=API_unavailable&it=1716798302227&coo=false&rqm=FGET

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9f06c90762820234","source_keys":["1","2"]},{"key_piece":"0x8f60f4bf798e0c65","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 08:25:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=7521, tp=-1, tpl=-1, uplat=18, ullat=0
pragma: no-cache
x-fb-debug: RNk+JwjXVWcgfxXw2fyy9kqnxsbYESVudRQqsUBJBGXMwYB6/wXmd2VO6qGR0t5YLYrgxXNvQAb6QkW5p2/1mw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 37ms
36ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1164919620832151&ev=PageView&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&rl=&if=false&ts=1716798302408&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716798302326.347608295&ler=empty&cdl=API_unavailable&it=1716798302227&coo=false&rqm=GET

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=6879, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 08:25:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
474 B 54ms
53ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1164919620832151&ev=PageView&dl=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&rl=&if=false&ts=1716798302408&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716798302326.347608295&ler=empty&cdl=API_unavailable&it=1716798302227&coo=false&rqm=FGET

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x87b2df1391f138ea","source_keys":["1","2"]},{"key_piece":"0xedf518781b2a17d8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 08:25:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=7025, tp=-1, tpl=-1, uplat=17, ullat=0
pragma: no-cache
x-fb-debug: TfmOm4SmKezLIxW33HKr0Aut3ZgK/Krv6/vGum8pbYjDnT5TgyPKTkLGtP4W8WIuBRT0eXn5Qq3M/x6i8z8uqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 3248ms
75ms Script
text/javascript 104.18.34.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=66298092&prismid=59980b08-b193-4a76-aa05-105b5fde91dd&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.28
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.28
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 11
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 88a49cc33a4dac4b-YYZ
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 49ms
49ms Script
application/javascript 13.107.246.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343114390
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:03 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240527T082503Z-1649b6bcb4c5dr9bvr5y9t21z40000000200000000004g3z
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f9519fa5-601e-0050-598a-adec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 148ms
77ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.cira.ca
Date: Mon, 27 May 2024 08:25:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 35ms
34ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.cira.ca
Date: Mon, 27 May 2024 08:25:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 57ms
57ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-372225899

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4b99f2b95d13891dfaf0a42e3952a290caf7c98980d39fab8023ec3f8831fd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83351
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 67ms
66ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-372225899&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5VP7LWWHS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

aa81691e81cf8863e2e444bccdf8809e92b3a6efab585969ca79075e3e1e853b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 08:25:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83353
x-xss-protection: 0
last-modified: Mon, 27 May 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 May 2024 08:25:17 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/372225899/ 4 KB
1 KB 61ms
61ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372225899/?random=1716798317690&cv=11&fst=1716798317690&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb875372356&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372225899

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

aeb8af90387dde6186848e1e9e98adaaa16c93cba46b07a585b5260ee7104afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1486
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/372225899/ 42 B
64 B 56ms
55ms Image
image/gif 142.251.163.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/372225899/?random=1716798317690&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb875372356&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLos14yllDkqux5yVvHPkeqqrhwMBDb08KZP7mbiRGwCsSXcNE&random=656624676&rmt_tld=0&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/372225899/ 42 B
64 B 54ms
53ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/372225899/?random=1716798317690&cv=11&fst=1716796800000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb875372356&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cira.ca%2Fen%2F%3Fpost_type%3Dpage%26p%3D41471&hn=www.googleadservices.com&frm=0&tiba=Contact%20a%20domain%20holder%20%E2%80%93%20CIRA&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1052163440.1716798302&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLos14yllDkqux5yVvHPkeqqrhwMBDb08KZP7mbiRGwCsSXcNE&random=656624676&rmt_tld=1&ipr=y

Requested by

Host: www.cira.ca
URL: https://www.cira.ca/en/?post_type=page&p=41471

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.cira.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 27 May 2024 08:25:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjczMDhjOTctMjkwYi00Njk2LWE3ZWUtMjk2ZDkzZGRiNWUy&gdpr=0&gdpr_consent=&ttd_tdid=f7308c97-290b-4696-a7ee-296d93ddb5e2

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d7747636-5e28-4110-bd5f-f9c5eb6e050a

Domain: alb.reddit.com
URL: https://alb.reddit.com/rp.gif?ts=1716798302063&id=t2_106xdnq7&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=ea222c1d-5375-4095-bab9-1e264e5b502b&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cira.ca/	1970-01-20 20:54:41	Name: __cflb Value: 02DiuHZrdk77NVhPuzHRzW8hMpQtxKgMCLZpBFnu7kp3W
www.cira.ca/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.cira.ca/	1970-01-21 06:29:18	Name: _ga Value: GA1.1.390619008.1716798302
.cira.ca/	1970-01-20 23:02:54	Name: _gcl_au Value: 1.1.1052163440.1716798302
.cira.ca/	1970-01-21 06:29:18	Name: _ga_H5VP7LWWHS Value: GS1.1.1716798301.1.1.1716798301.60.0.926327363
.adsrvr.org/	1970-01-21 05:38:54	Name: TDID Value: f7308c97-290b-4696-a7ee-296d93ddb5e2
.adsrvr.org/	1970-01-21 05:38:54	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIvOmkr7He_DwQBRgFKAEyCwiyxfvDp4z_PBAFQg8iDQgBEgkKBXRpZXIyEAFaB3RpcGtjNDVgAXIGZ29vZ2xl
.cira.ca/	1970-01-20 23:02:54	Name: _rdt_uuid Value: 1716798302061.ea222c1d-5375-4095-bab9-1e264e5b502b
.cira.ca/	1970-01-20 20:54:44	Name: _uetsid Value: 9d0a54401c0211efb9dcadd3207625b9
.cira.ca/	1970-01-21 06:14:54	Name: _uetvid Value: 9d0a64c01c0211ef82ab05ba1de33c1a
.bing.com/	1970-01-21 06:14:54	Name: MUID Value: 27B9992603EB6C6A2E1B8DAA02C16DB0
.bat.bing.com/	1970-01-20 21:03:23	Name: MR Value: 0
.doubleclick.net/	1970-01-20 21:36:30	Name: ar_debug Value: 1
.cira.ca/	1970-01-20 23:02:54	Name: _fbp Value: fb.1.1716798302326.347608295
.doubleclick.net/	1970-01-21 06:29:18	Name: IDE Value: AHWqTUkZX17hSQCXwzf8wqVGqdxAbh76bZgM82hJK44R7FNAo3TdZt9iP3dUF6s4oPw
.doubleclick.net/	1970-01-21 01:12:30	Name: receive-cookie-deprecation Value: 1
prism.app-us1.com/	1970-01-20 21:36:30	Name: prism_66298092 Value: 59980b08-b193-4a76-aa05-105b5fde91dd
.cira.ca/	1970-01-20 21:36:30	Name: prism_66298092 Value: 59980b08-b193-4a76-aa05-105b5fde91dd
.adnxs.com/	1970-01-20 23:02:54	Name: XANDR_PANID Value: EhqbCEayIZVI5tsAXPUXMTR5BdejA5QyQJJr1ywDHs9bSCVadAlrgo4IYTdrkAFlGfyZ5J_NyZNko24jSPFMd89c6Ch-rHqOniACfd-1hds.
.adnxs.com/	1970-01-21 06:29:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:02:54	Name: uuid2 Value: 2735787963448097095
.adnxs.com/	1970-01-20 23:02:54	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GUlKP=B4!@wnf-Te9(>wL5L!!'D6$b)ND
www.clarity.ms/	1970-01-21 05:38:54	Name: CLID Value: 6b59c82d268945bb8f28a0f57d7a0269.20240527.20250527
.cira.ca/	1970-01-21 05:38:54	Name: _clck Value: wivb2v%7C2%7Cfm4%7C0%7C1608
.cira.ca/	1970-01-20 20:54:44	Name: _clsk Value: 1dxe6d4%7C1716798303889%7C1%7C1%7Co.clarity.ms%2Fcollect
.linkedin.com/	1970-01-20 23:02:54	Name: li_sugr Value: 1b3aa878-da9b-40ea-919c-0f495075587a
.linkedin.com/	1970-01-21 05:38:54	Name: bcookie Value: "v=2&d54b93a0-17aa-47ff-8573-535cb11032b9"
.linkedin.com/	1970-01-20 20:54:44	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3200:u=1:x=1:i=1716798305:t=1716884705:v=2:sig=AQFP8ecdoDKL9YtI1JoaabYnE-zYYA1W"
.linkedin.com/	1970-01-20 21:36:30	Name: UserMatchHistory Value: AQJImGIyCwkEoAAAAY-5JzT2KbO4PzY2C4618QPjXQbmwZC0qPqqxMPAutFZyZ2S4y5Sw0VTYTj3IQ
.linkedin.com/	1970-01-20 21:36:30	Name: AnalyticsSyncHistory Value: AQINXwSk11rw3AAAAY-5JzT32yHOS2vcmgVLJ3hij3lBTE-HWv3CrvZdbbTCEQJee4t_q21rBMUpn_Uigo46PQ
.www.linkedin.com/	1970-01-21 05:38:54	Name: bscookie Value: "v=1&202405270825053ff845d4-6600-4d25-8d6d-623c2369da6dAQHXevDgvCTrtRnDPESP1Ya-xGLZfyiG"
.cira.ca/	1970-01-21 05:38:54	Name: _hjSessionUser_3705975 Value: eyJpZCI6ImJmZDlmYmEyLWE3NGYtNWE4Yi04ZGQ5LWU2NmM0Y2YwMzI0NCIsImNyZWF0ZWQiOjE3MTY3OTgzMDk1MzIsImV4aXN0aW5nIjp0cnVlfQ==
.cira.ca/	1970-01-20 20:53:20	Name: _hjSession_3705975 Value: eyJpZCI6IjM0MzU1YjNkLTE1YTYtNDBlOS04NzNjLTJiNTA2ZWQ5YmY3MyIsImMiOjE3MTY3OTgzMDk1MzMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

49 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.cira.ca/en/?post_type=page&p=41471 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10329013.fls.doubleclick.net
ad.doubleclick.net
alb.reddit.com
analytics.google.com
api.hubapi.com
bat.bing.com
cdn.schemaapp.com
cm.g.doubleclick.net
connect.facebook.net
diffuser-cdn.app-us1.com
e.infogram.com
googleads.g.doubleclick.net
ib.adnxs.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
o.clarity.ms
pixel-config.reddit.com
prism.app-us1.com
px.ads.linkedin.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
star.ca
static.hotjar.com
stats.g.doubleclick.net
trackcmp.net
www.cira.ca
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
alb.reddit.com
cm.g.doubleclick.net
ib.adnxs.com
104.16.138.209
104.17.175.201
104.17.223.152
104.17.31.174
104.18.128.216
104.18.241.108
104.18.34.214
104.18.34.229
104.21.15.209
104.22.74.135
13.107.246.38
13.107.42.14
142.250.31.148
142.251.111.155
142.251.111.97
142.251.163.154
142.251.163.94
142.251.163.99
142.251.167.148
142.251.167.155
151.101.65.140
172.253.122.94
18.154.227.128
18.160.18.117
18.160.41.58
204.79.197.237
216.239.34.181
23.218.218.170
31.13.66.19
31.13.66.35
52.152.143.207
68.67.160.24
99.84.191.43
016d7c97e2a432a71aba509d2b7f46dff71a98caa89eecf3ed69d54783c29884
052a54a46268802a066953130df40027e76b48110238c1f11e16a4a9e0b004a3
081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b
09d3d1a2b0c3072550f34d2b1ef5aa8c743ffa1ae9209ec0eb6423d730032dec
10814d726a869586d3d8676bfaeed9f04e32b58bda2e1dde3f50a87ada14657b
10af60bd66a63ce357c21b135f38870e18bd67162a4a5988ccb28290c3943c56
160ed19ebb182edaaacb6da6e34c2559144779a35cc72d3bc8596775de7731e6
176eb55464bfb5e6ce8450e3777cdc51aa7d174ae707b4e18ec90407492f9c2d
1a234275545ba883616ac6b4151a0f06d9bb097146e806e40317a263bbf1c51e
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
20ea453ff7e04ba207dbf6e519c68ac7948997bf61d579ecf135b1ec2af84c03
265e9923df08abc4d148689907120cb468583fc9b7d85ae8130753cb84c990e4
27b1044936351f36808a1e175020bb2b05524a7909520f1b48b4fa7faca26f57
285901d045753c7cb137e35a37172e6198491edfe9584111c64a5a3bbfc144cf
2ec8981bf19b91cfe93cdf05505d253eea1a6aa8aeb5a6c47542f03eafc8fad0
2f7cf2e229eda2d5c7195c48fc82e75fe4660ad550e83ff61a63c1028bf6a28f
307ca579c82fe960694bb92d96618651300569139eda8903759bc3d64446cfee
34d3f9901ee27b047a43a8b0c322dead62fa52bcb2d01ba2287acd5f851a9221
354c9fce63f49a64a4412b73cef464aa7865f0f0bcea6b182ecb5bf2a174bf0a
38832228df81d927f2f9042732c76827673f4fc55851c3d3bbcfd9123f35ec4d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b99f2b95d13891dfaf0a42e3952a290caf7c98980d39fab8023ec3f8831fd05
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
536063834edf9cd4a676faefcb925047d4614afa09723ac05cc47344eb5d9d87
54b454c4498eaa5b4b4e87abdf9279be749d93c839a21567698c65752ec713ef
579075681296d080e1b74e3f528b1a406e95a1e69ad29737ecdfdbfc68291363
584eede42c52bc6426db081c13875e2198c9857dbe11574ace4e0d613bfca8d7
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5a7dcfad63558edf4150fd00888efa5eb8acaac2cf93fe687e250e2096b3cdaf
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5d1bfb130d35cc52e2e532f788c9ec009dbcca539b7a2f031a8996e966a4395a
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
60731d173912c7410571e9f73c7aa0d7344115e361379e68436917a074e28599
6331f81182a10e9ee365363c220469d03be36fd8b5075bf0d04e8b672e124ebc
665259ac6c27605e30adc98ca6d6db34f54493b780195f191892d7a1b778bcbf
6cd63c3f96a7ef8ba66e5f8ca0ba6a6932b4ae1d1776d3540b5840df9e9a8115
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
73e30e6e52a4d2f36f72dcc0b2b7ea1bf43b6b59755cb45ece657c07a52e03f1
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
773dcbb6352a992a8b5ffcb740e4c088946aabf143bee0854468c5ddb915ad8f
7a97c768969f73cb3d2dd6f04907f76eb3365be64d8a69d84b98a51ea244c2b7
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8577df598f439b9602bfec90eb2c2a654dbb3bd1922ad1d768d6ca3aef58c825
85a7291f5d596150047507ffe70e5550f8a2a3e1128cf83200ffa037230646a3
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
90554181b9d143453475bb69bbce45d406f2d2119409db9b71da8552536681a7
914246303f81f93c09b8558bcdceaeef4c63b4a5d9a7dfb4f5c7d0f611818767
947960adcbb708c908d60c1fb55b6c617e11c93876ecf9f525f13accf7ddb591
9905ff652e469a6375fc6f14f98144e0655265c6e581980e21bdb1b0523c9889
a0404d05625dc8468f3dc75083dfbe0efa29215a26191264d210d0790b7dfaf3
a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e
a303bcf882c68c9b712005b4fa6f1380c79f433bc8837d3cba65892e07416303
a4b204fbf363c9b9202e668630cfbaf6b164c101ce399dac22046ca6256851e6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa81691e81cf8863e2e444bccdf8809e92b3a6efab585969ca79075e3e1e853b
aeb8af90387dde6186848e1e9e98adaaa16c93cba46b07a585b5260ee7104afb
b0e3acc54460721385d2e472dda7288382f2766a06b38d2e732d034619f9b929
b5d3d4557050d52c566aa3f0f9464eb8239f100ea38d83c6f210924512631f01
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4726314ff0c721eae691da1efb81bb153d3c86b927c5ace3091941a076f2a5e
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf7391b5c06a56e0f70f64b89ed9d42fd6ccc2efed6ea005237c39dc451ed681
d78dff951b4797b39073abf99070bcc12327b8b218b7af91dab1f937f88705a7
dc228e912765cf8289347e62db1643b7efd84f84483d4e550ae97649f882dc0d
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e38a10b784bbab6bd44a898366d659442244b7cb36a0550b4b5f3bf45ee62ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8033d6b994f0e312cf49b282c4440d09d27a35197be0f17be8a2f72b42d1c10
e8b2714b548e2bcf132fdb1e061a740d5ad779ae2106b0064986b1c4065e9019
e8c9e63904f6c360613152e04ff7ef85b2a8f0ac713fd1f9515b1dce3a84b32f
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
eeadebdfa442cbb64742cfcf833991432ace586ce915a2974410f78db970f0ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a20d6aaae6aca5924b12f1b341554d8642403928821e32106b16c3a480ca42
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312
ffb90dc3c81cd2cc988c6ea608fd2fde3f6035f827e3c43d501656894844b934

www.cira.ca Open in urlscan Pro 104.22.74.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

0 %IPv6

27 Domains

38 Subdomains

33 IPs

2 Countries

1707 kBTransfer

5357 kBSize

33 Cookies

9 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cira.ca Open in urlscan Pro
104.22.74.135 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

0 %
IPv6

27
Domains

38
Subdomains

33
IPs

2
Countries

1707 kB
Transfer

5357 kB
Size

33
Cookies

108 HTTP transactions
0 data transactions