urlscan.io logo urlscan.io
SecurityTrails logo

o.canada.com Open in urlscan Pro
34.111.249.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://canada.com/
Effective URL: https://o.canada.com/
Submission: On May 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 12 countries across 63 domains to perform 363 HTTP transactions. The main IP is 34.111.249.109, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is o.canada.com. The Cisco Umbrella rank of the primary domain is 569412.
TLS certificate: Issued by GTS CA 1D4 on April 17th 2023. Valid for: 3 months.
This is the only time o.canada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.111.67.160 396982 (GOOGLE-CL...)
2 34.111.249.109 396982 (GOOGLE-CL...)
19 34.149.157.221 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 104.18.11.47 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
3 13.224.192.181 16509 (AMAZON-02)
2 104.80.242.37 16625 (AKAMAI-AS)
1 13.225.78.97 16509 (AMAZON-02)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.112.45 16509 (AMAZON-02)
21 34.117.54.29 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.192.8.210 14618 (AMAZON-AES)
4 52.223.40.198 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 23.215.22.18 16625 (AKAMAI-AS)
2 52.200.53.223 14618 (AMAZON-AES)
1 35.241.9.51 15169 (GOOGLE)
5 185.89.211.84 29990 (ASN-APPNEX)
1 104.19.150.54 13335 (CLOUDFLAR...)
10 34.107.254.252 396982 (GOOGLE-CL...)
6 34.251.254.130 16509 (AMAZON-02)
1 13.32.119.77 16509 (AMAZON-02)
1 216.52.2.16 30282 (AS-INAPCD...)
3 2a02:2638:d::a 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 34.98.64.218 396982 (GOOGLE-CL...)
2 2602:803:c003... 26667 (RUBICONPR...)
3 104.18.25.185 13335 (CLOUDFLAR...)
2 75.2.40.13 16509 (AMAZON-02)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
10 12 142.250.185.130 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
16 20 2600:9000:225... 16509 (AMAZON-02)
24 2a04:4e42:400... 54113 (FASTLY)
48 52.28.203.152 16509 (AMAZON-02)
12 52.29.223.111 16509 (AMAZON-02)
4 18.185.12.185 16509 (AMAZON-02)
5 2600:9000:223... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 5 13.225.34.25 16509 (AMAZON-02)
5 2a04:4e42:600... 54113 (FASTLY)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.24.185 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:249... 16509 (AMAZON-02)
5 2a04:4e42:200... 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 216.137.44.94 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.155.18.159 16509 (AMAZON-02)
2 13.32.110.125 16509 (AMAZON-02)
1 13.32.145.5 16509 (AMAZON-02)
5 162.55.144.218 24940 (HETZNER-AS)
1 34.233.181.241 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 116.202.32.62 24940 (HETZNER-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2600:9000:223... 16509 (AMAZON-02)
12 2600:1f18:1ac... 14618 (AMAZON-AES)
2 3.75.77.244 16509 (AMAZON-02)
2 104.64.126.246 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
2 23.32.184.192 16625 (AKAMAI-AS)
2 8 185.80.39.216 27381 (CASALE-MEDIA)
1 2 198.47.127.19 3257 (GTT-BACKB...)
3 5 52.46.128.147 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
5 5 37.157.4.28 198622 (ADFORM)
1 1 3.71.149.231 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 1 193.0.160.131 54312 (ROCKETFUEL)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.1.9 44788 (ASN-CRITE...)
2 2 213.155.156.180 1299 (TWELVE99 ...)
3 5 52.95.125.22 16509 (AMAZON-02)
1 54.73.17.68 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 18.66.97.128 16509 (AMAZON-02)
1 35.204.74.118 396982 (GOOGLE-CL...)
3 6 69.173.144.138 26667 (RUBICONPR...)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 185.64.190.81 ()
363 97
1    34.111.67.160 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.67.111.34.bc.googleusercontent.com
canada.com
2    34.111.249.109 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.249.111.34.bc.googleusercontent.com
o.canada.com
19    34.149.157.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.157.149.34.bc.googleusercontent.com
smartcdn.gprod.postmedia.digital
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    104.80.242.37 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-242-37.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
1    13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
cdn.adsafeprotected.com
1    2606:4700:e6::ac40:c60b (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
2    2606:4700:10::6816:48e8 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.lrcontent.com
1    18.66.112.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-45.fra56.r.cloudfront.net
ak.sail-horizon.com
21    34.117.54.29 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 29.54.117.34.bc.googleusercontent.com
fem.gprod.postmedia.digital
dcs-static.gprod.postmedia.digital
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1    34.192.8.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-8-210.compute-1.amazonaws.com
idx.liadm.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    52.200.53.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-53-223.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
5    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
10    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
6    34.251.254.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
postmedia-d.openx.net
u.openx.net
2    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
12    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
20    2600:9000:225e:d600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
24    2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
48    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
12    52.29.223.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    18.185.12.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
postmedia.hub.loginradius.com
5    2600:9000:223c:3c00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
7    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    13.225.34.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-25.cdg3.r.cloudfront.net
sb.scorecardresearch.com
5    2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)
jssdkcdns.mparticle.com
identity.mparticle.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2600:1f18:44f0:4848:aac8:30d6:df6f:8ad (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2600:9000:2491:1000:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
5    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
jssdks.mparticle.com
7    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    216.137.44.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-44-94.lhr61.r.cloudfront.net
get.s-onetag.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    13.32.110.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-125.vie50.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.32.145.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-5.cdg50.r.cloudfront.net
signal-beacon.s-onetag.com
5    162.55.144.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy04.cl03.het.mrf.io
events.newsroom.bi
1    34.233.181.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-181-241.compute-1.amazonaws.com
i.viafoura.co
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    116.202.32.62 (Krefeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy03.cl03.het.mrf.io
compassdata.mrf.io
2    2606:4700:10::ac43:835 (United States)

ASN13335 (CLOUDFLARENET, US)
config.lrcontent.com
4    2600:9000:223f:b400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
12    2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    3.75.77.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-77-244.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
5    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a05:d018:d29:3602:d99:851:e872:10fe (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.73.17.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-17-68.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    18.66.97.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-128.fra56.r.cloudfront.net
a.audrte.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
51 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1439
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
15 KB
40 postmedia.digital
smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 82712
fem.gprod.postmedia.digital — Cisco Umbrella Rank: 114686
dcs-static.gprod.postmedia.digital — Cisco Umbrella Rank: 95822
629 KB
23 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3489
pixel.adsafeprotected.com — Cisco Umbrella Rank: 685
static.adsafeprotected.com — Cisco Umbrella Rank: 595
dt.adsafeprotected.com — Cisco Umbrella Rank: 569
210 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
169 KB
21 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2561
entitlements.jwplayer.com — Cisco Umbrella Rank: 3557
63 KB
19 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3584
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 5370
762 KB
17 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 2944
ads.rubiconproject.com — Cisco Umbrella Rank: 2462
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2861
eus.rubiconproject.com — Cisco Umbrella Rank: 566
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
token.rubiconproject.com — Cisco Umbrella Rank: 573
252 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax.amazon-adsystem.com — Cisco Umbrella Rank: 387
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
68 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
273 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 682
simage2.pubmatic.com — Cisco Umbrella Rank: 660
image2.pubmatic.com — Cisco Umbrella Rank: 820
simage4.pubmatic.com
27 KB
12 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 928
1 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 500
as-sec.casalemedia.com — Cisco Umbrella Rank: 1710
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
9 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2499
api.permutive.com — Cisco Umbrella Rank: 1909
googlesync.permutive.com — Cisco Umbrella Rank: 8695
36 KB
10 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 5699
identity.mparticle.com — Cisco Umbrella Rank: 2817
jssdks.mparticle.com — Cisco Umbrella Rank: 5147
59 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3686
2 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
383 KB
7 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2702
286 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 723
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
dis.criteo.com — Cisco Umbrella Rank: 575
8 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
acdn.adnxs.com — Cisco Umbrella Rank: 583
23 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
77 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
dmp.adform.net — Cisco Umbrella Rank: 2844
3 KB
5 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 9675
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
4 KB
5 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10741
199 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1870
2 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4028
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5193
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5368
21 KB
4 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11231
i.viafoura.co — Cisco Umbrella Rank: 11046
4 KB
4 loginradius.com
postmedia.hub.loginradius.com — Cisco Umbrella Rank: 119488
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
1 KB
4 lrcontent.com
auth.lrcontent.com — Cisco Umbrella Rank: 51425
config.lrcontent.com — Cisco Umbrella Rank: 21365
94 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
storage.googleapis.com — Cisco Umbrella Rank: 395
imasdk.googleapis.com — Cisco Umbrella Rank: 437
516 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26762
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26468
897 B
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 12101
compassdata.mrf.io — Cisco Umbrella Rank: 48999
40 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
www.google.de — Cisco Umbrella Rank: 6080
1 KB
3 openx.net
postmedia-d.openx.net — Cisco Umbrella Rank: 128490
u.openx.net — Cisco Umbrella Rank: 619
671 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
41 KB
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 620
cdn.indexww.com — Cisco Umbrella Rank: 1458
43 KB
3 canada.com
canada.com — Cisco Umbrella Rank: 389611
o.canada.com — Cisco Umbrella Rank: 569412
112 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
562 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
254 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
107 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2673
p1.parsely.com — Cisco Umbrella Rank: 2010
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
137 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2816
495 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 677
450 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
2 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
613 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
265 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
795 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
737 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 25580
269 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1528
424 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
17 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3007
73 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
400 B
1 prmutv.co
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co — Cisco Umbrella Rank: 148954
390 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1067
17 KB
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3930
472 B
1 permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app — Cisco Umbrella Rank: 121843
123 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2903
33 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7026
3 KB
0 33across.com Failed
lexicon.33across.com Failed
363 63
Domain Requested by
48 c2shb.ssp.yahoo.com js-sec.indexww.com
20 cdn.jwplayer.com 16 redirects dcs-static.gprod.postmedia.digital
cdn.jwplayer.com
ssl.p.jwpcdn.com
19 smartcdn.gprod.postmedia.digital o.canada.com
17 dcs-static.gprod.postmedia.digital o.canada.com
dcs-static.gprod.postmedia.digital
16 assets-jpcust.jwpsrv.com
12 dt.adsafeprotected.com
12 btlr.sharethrough.com js-sec.indexww.com
12 cm.g.doubleclick.net 10 redirects
9 api.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
8 securepubads.g.doubleclick.net o.canada.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 www.googletagmanager.com fem.gprod.postmedia.digital
jssdkcdns.mparticle.com
www.googletagmanager.com
7 ssl.p.jwpcdn.com cdn.jwplayer.com
6 pixel.rubiconproject.com 3 redirects
6 pixel.adsafeprotected.com cdn.adsafeprotected.com
o.canada.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 events.newsroom.bi sdk.mrf.io
5 jssdks.mparticle.com jssdkcdns.mparticle.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 sb.scorecardresearch.com 1 redirects fem.gprod.postmedia.digital
5 cdn.viafoura.net fem.gprod.postmedia.digital
cdn.viafoura.net
5 ib.adnxs.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
micro.rubiconproject.com
js-sec.indexww.com
acdn.adnxs.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 4 redirects
4 static.adsafeprotected.com pixel.adsafeprotected.com
o.canada.com
4 www.google.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 identity.mparticle.com jssdkcdns.mparticle.com
4 postmedia.hub.loginradius.com fem.gprod.postmedia.digital
auth.lrcontent.com
4 match.adsrvr.org js-sec.indexww.com
ssum-sec.casalemedia.com
ads.pubmatic.com
4 fem.gprod.postmedia.digital o.canada.com
fem.gprod.postmedia.digital
3 token.rubiconproject.com 3 redirects
3 simage2.pubmatic.com ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 region1.analytics.google.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 videos-cloudfront-usp.jwpsrv.com ssl.p.jwpcdn.com
3 www.gstatic.com cdn.jwplayer.com
www.gstatic.com
3 api.viafoura.co cdn.viafoura.net
3 htlb.casalemedia.com micro.rubiconproject.com
js-sec.indexww.com
3 bidder.criteo.com micro.rubiconproject.com
static.criteo.net
3 fonts.gstatic.com fonts.googleapis.com
3 c.amazon-adsystem.com o.canada.com
c.amazon-adsystem.com
3 static.criteo.net o.canada.com
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com micro.rubiconproject.com
ads.pubmatic.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 config.lrcontent.com auth.lrcontent.com
2 www.facebook.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 www.google.de
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net o.canada.com
connect.facebook.net
2 sdk.mrf.io o.canada.com
sdk.mrf.io
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 gum.criteo.com 1 redirects static.criteo.net
2 api.sail-personalize.com ak.sail-horizon.com
2 fastlane.rubiconproject.com micro.rubiconproject.com
2 postmedia-d.openx.net micro.rubiconproject.com
js-sec.indexww.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.jsdelivr.net micro.rubiconproject.com
securepubads.g.doubleclick.net
2 auth.lrcontent.com o.canada.com
cdn.viafoura.net
2 js-sec.indexww.com o.canada.com
micro.rubiconproject.com
2 o.canada.com dcs-static.gprod.postmedia.digital
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ups.analytics.yahoo.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 s.company-target.com 1 redirects
1 u.openx.net micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 compassdata.mrf.io sdk.mrf.io
1 i.viafoura.co cdn.viafoura.net
1 signal-beacon.s-onetag.com get.s-onetag.com
1 p1.parsely.com
1 cdn.parsely.com www.googletagmanager.com
1 get.s-onetag.com www.googletagmanager.com
1 76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 s0.2mdn.net imasdk.googleapis.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 prd.jwpltx.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 jssdkcdns.mparticle.com fem.gprod.postmedia.digital
1 storage.googleapis.com dcs-static.gprod.postmedia.digital
1 mug.criteo.com
1 googlesync.permutive.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.permutive.com 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
1 secure.cdn.fastclick.net o.canada.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 idx.liadm.com js-sec.indexww.com
1 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app fem.gprod.postmedia.digital
1 ak.sail-horizon.com o.canada.com
1 www.npttech.com o.canada.com
1 cdn.adsafeprotected.com o.canada.com
1 micro.rubiconproject.com o.canada.com
1 fonts.googleapis.com o.canada.com
1 canada.com 1 redirects
0 lexicon.33across.com Failed micro.rubiconproject.com
363 118
Subject Issuer Validity Valid
canada.com
GTS CA 1D4		 2023-04-17 -
2023-07-16		 3 months crt.sh
gprod.postmedia.digital
GTS CA 1D4		 2023-05-08 -
2023-08-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-06 -
2023-10-05		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-05-06 -
2023-08-04		 3 months crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-05-10 -
2023-08-08		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.loginradius.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-29 -
2023-12-15		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
viafoura.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-06		 7 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2023-05-02 -
2024-06-02		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-07-09 -
2023-07-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
jssdks.mparticle.com
Go Daddy Secure Certificate Authority - G2		 2022-09-15 -
2023-10-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-06 -
2023-06-04		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
ssl02.cert.cl03.k8s.mrf.io
R3		 2023-05-19 -
2023-08-17		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 25 frames:

Primary Page: https://o.canada.com/
Frame ID: 7264C862D56368DA944B80045DD0C552
Requests: 282 HTTP requests in this frame

Frame: https://fem.gprod.postmedia.digital/v82.0/xd.html
Frame ID: 7973E9258D61052CC7DA0692E700BC25
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Frame ID: 575ED942410E0EC14F6ECBE83D2C4C66
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en_ca.html
Frame ID: 173A81509084FE9C015F083F74939C5A
Requests: 1 HTTP requests in this frame

Frame: https://76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63BB1809ED0EAB167B3D9FFBB8D0031F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FE8DDEF47D63757E1D0939A47E2669E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F9B5EEE4D83DB3F10D9BD3AED0E3AA2
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138430359159&pubOrder=3184962652&cb=1183457747&custom=index&custom2=1&adsafe_par&impId=1bd71d0b-fcc6-11ed-a226-02caf40e7d43
Frame ID: 00939B25C1C4A15927C6C7A6B857196C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuU2kIYgvyoLmGzRMfq4Ml-3qFzo7TIAcMGwCyuNhLrPQ3TIfx_ELXMUvmeUuMjvF7tppohfDaY4OrBLgUWeQVBb48aI4Ol9DJ2t4dHgE6A7yEChAICz2l30n4S0Tp5xMyr-KnMZBV-pdNutxD5ChY3jxQj7-T1Y6tDfrinxEKXMwD-h8yECkHsHikJ0fSDhnwt73sAJmul974aqlbE9QV2JcRKi_8DjC_mHzzoxzSDfHKMSyoulNmL1G5scdrbkr9g9HI2L94cDdnGELNDVnOuv6SPR9VT6561YPfKbDUYi3sRVMJaakvmF8&sai=AMfl-YRxE35TtI2wdYh6Pc6Yjos3bE6TtVIcqnzjuIlwiUu6Q9YFbmrt29psSPFxi61MIue16vYYASxhqbkuUcgkXXFYsQqTlLUnRH43RrVjEny_OMeG86l91f08ZZz0aJ8&sig=Cg0ArKJSzKEuRULa4lO0EAE&uach_m=[UACH]&adurl=
Frame ID: EE2A4D60A172B240925461EEC1CBAE3C
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=528341539&custom=index&custom2=2&adsafe_par&impId=1bd71d0c-fcc6-11ed-a226-02caf40e7d43
Frame ID: A9A2D503C836B08DBF74E60FD138CC9A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRQ_jl6tfpBTNYOTzIjBKhTFz5u_7qQ9_DzZS6xeqa7JBjsYVnhqvMZV_2k7B8gQcbkwuaknLPU7I2KAt6CorYvgnu9zOFIN83P1THWPx-m_IPHZBeVZXbSq_2Za280oWlLSbNty8ZnxG1hVJDc3h_LufHcLhr-copOBGJ1RP1cGlG2G4dTpTtT3VFeiPsNr8utlEaHq2McInu1TMOW4T-E0b4f2IjoHFoo6Rh7vNUPAwSDUZKTsVxMAbMHDW2DKb_ju7CeeTTaeibKe1JK-zuYZav1AG_lr4eS_0gebR9uxBRDR_1GXZdQsM&sai=AMfl-YTWEivAhmeoM1hfVT3s-AljSLFRxHhSG5bh-Lbt7rV6nsABNws3OZW30lNVwgoP9NtrJL5p0kkiXRJ3OO6K4BIaP0awrmgv9dgY95xTqtXtZ-p1U37lTl9UrQjV5KI&sig=Cg0ArKJSzKec_XObjkwEEAE&uach_m=[UACH]&adurl=
Frame ID: 8F4668D7F257C05BF4A4749D30C9E113
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 92B9D46BE0B5D00B824024B1F6122889
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5E4853976D5FCE0AB4795C4CFE3195EC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7CA674A866D87353B08BC43455C8A958
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CFE315F65ACEB8E42A4CB3D0F19C8038
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79A1ECE394ED82C4C023EA27F6D96CE4
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E6C91D20FAD90B130F7215F3ECD97611
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2FC51EBE61619B991184FDCB12D6A0D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Frame ID: 7CAB1BB8DA60797ADD943F1B58825A01
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E72A33690729010DC4EF632B50E777B3
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dee66472-5c51-4e00-b6c5-59c34367aff5&gdpr=0&gdpr_consent=
Frame ID: C1B34B106B4773AE1EE1494528BBF9FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727957896774
Frame ID: B6ADF35B681B6E1D9D04606E4879CCC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 3B6180631CE896C05F35844EECA3B919
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1558205017748566014
Frame ID: CA7B2B7D1E3C106BF7D86FC28FF848E4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 231642B72707264EEC8C367E564320A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canada.Com | Homepage | Canada.ComCanada.comUser

Page URL History Show full URLs

  1. https://canada.com/ HTTP 301
    https://o.canada.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

363
Requests

88 %
HTTPS

38 %
IPv6

63
Domains

118
Subdomains

97
IPs

12
Countries

4900 kB
Transfer

14755 kB
Size

76
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://canada.com/ HTTP 301
    https://o.canada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESELqA1zHWdNRtN7btFRLQBqs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c&google_cver=1
Request Chain 90
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=WWxDL3x6R0ZVUWhRQllNSVJwdDFvQmNWUDJ2RGRhQTMycFRBaFFZOHc3Kzl4eGw3cjRSN3ZjM1h4Z0U5bWVZWXVDM1RmWmtnUi9XUVlpeGxhVmNCaHkzd0dRVjZIaDZESzJLMFN6bzdLa3lOYy9hUUU2bzd3VXJ6T3BMaWRhMDE1WFV6V0hTWFFDR2lvYUpMVTl6S09YNTFmOTVaRXl3MktYQlNFdXNmVHhxOS9GWVBNZ1M4YVZlRzR1VVlaaHZlcmpCMi9FRVZzMUwyODMybDlTQlRCd0hyQ3dTM3UzcTlnbnRhTHhGdXpIRElpSWlsZW1peklZTytJcm5SUTlsSUpDU2szcFNaUFY5Y0hDVW9vb1NLSjZJNHNoQT09fA&cppv=2
Request Chain 93
  • https://cdn.jwplayer.com/v2/media/i1NwCb4d/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-320.jpg
Request Chain 94
  • https://cdn.jwplayer.com/v2/media/p5FnRyz1/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/4NGoCqww-320.jpg
Request Chain 95
  • https://cdn.jwplayer.com/v2/media/Vh55oi1l/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/sIeJ215f-320.jpg
Request Chain 96
  • https://cdn.jwplayer.com/v2/media/kAvaUp45/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/P6eQ4G6L-320.jpg
Request Chain 97
  • https://cdn.jwplayer.com/v2/media/EDUYXJaI/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/vm68jiec-320.jpg
Request Chain 98
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
Request Chain 99
  • https://cdn.jwplayer.com/v2/media/mVlrGuYl/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
Request Chain 100
  • https://cdn.jwplayer.com/v2/media/NHIZTWRz/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
Request Chain 101
  • https://cdn.jwplayer.com/v2/media/pk7viBG8/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
Request Chain 102
  • https://cdn.jwplayer.com/v2/media/YXE9HtHO/poster.jpg?width=320 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-320.jpg
Request Chain 186
  • https://cdn.jwplayer.com/tracks/2aEOTZp7.srt HTTP 301
  • https://assets-jpcust.jwpsrv.com/tracks/2aEOTZp7.srt
Request Chain 188
  • https://cdn.jwplayer.com/strips/YXE9HtHO-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.vtt
Request Chain 192
  • https://cdn.jwplayer.com/v2/media/YXE9HtHO/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-720.jpg
Request Chain 193
  • https://cdn.jwplayer.com/v2/media/YXE9HtHO/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-640.jpg
Request Chain 215
  • https://cdn.jwplayer.com/strips/YXE9HtHO-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.jpg
Request Chain 234
  • https://sb.scorecardresearch.com/c2/10276888/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 255
  • https://cdn.jwplayer.com/v2/media/i1NwCb4d/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-120.jpg
Request Chain 325
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 330
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZHJcUX3GMXWIqcTyS1gaHAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHVkFV0QBpsEQcdtd2HtMQc&google_cver=1
Request Chain 331
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIIIJdSBV5zoxCqDTIXlYW4&google_cver=1
Request Chain 333
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1701113937&external_user_id=79f03749-7259-4ce8-bba9-7a12868dea08
Request Chain 334
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5db20f50-28c5-4dc0-a441-767b6312019b
Request Chain 335
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2100549979195251680&expiration=1686425937
Request Chain 336
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB
Request Chain 338
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dee66472-5c51-4e00-b6c5-59c34367aff5&gdpr=0&gdpr_consent=
Request Chain 339
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727957896774
Request Chain 340
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 341
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1558205017748566014
Request Chain 342
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gPXiC4NqS1ul7QPJRTD3yA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 345
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=110183522 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=80F5E20B-836A-4B5B-A5ED-03C94530F7C8
Request Chain 346
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=80F5E20B-836A-4B5B-A5ED-03C94530F7C8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZzBod3R4TWFhelJTdm1oZloxeThWOEUwdw==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3309410426810222061&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119 HTTP 302
  • https://a.audrte.com/p
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODBGNUUyMEItODM2QS00QjVCLUE1RUQtMDNDOTQ1MzBGN0M4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOew5_j7e3P-leoQhPltvDI&google_cver=1
Request Chain 350
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3309410426810222061
Request Chain 353
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4pOq6lMWSaiJ7-Pgjwgapg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4pOq6lMWSaiJ7-Pgjwgapg
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEycKa5Rz94FjbcErUrbL1k&google_cver=1
Request Chain 355
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk2RUFKWFctMy0zOVhF HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHjv1I0PPnUDny_bxqfCcYo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2RUFKWFctMy0zOVhF&google_push=
Request Chain 356
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQxMzk1NTgwNDE1YmJhYTJkMDg0OGVhZjViNjIyNGZhNzY0N2UzZQ
Request Chain 358
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MVL0MqgRQ0-neBuG1ND_Zw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVL0MqgRQ0-neBuG1ND_Zw
Request Chain 359
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mbtlWcFsT3RZX-2YVez10Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2macBQ9E2oJatovyMRA8Fdh9qoZzvr.mwhM2Kg--~A

363 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
o.canada.com/
Redirect Chain
  • https://canada.com/
  • https://o.canada.com/
674 KB
110 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
aaeab9a6a768acbe06c2b915e927977980185be1c99d0d5beace7d4fe6dcaf17
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=240
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Sat, 27 May 2023 19:38:50 GMT
expires
Sat, 27 May 2023 19:37:06 GMT
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-dcs-cache-page
HIT
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
x-pmd-backend
pmd-nginx-proxy-69b5d4b46c-qrg9g
x-pmd-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 27 May 2023 19:38:50 GMT
location
https://o.canada.com/
air-canada-0526-ph.jpg
smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/05/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/theprovince/wp-content/uploads/2023/05/air-canada-0526-ph.jpg?quality=90&strip=all&w=466&type=webp&sig=S-7chf0NtthjhynaeoTApA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5964f9a0f179465c4c73866c79ffe1f085de93296c6a50d44094e4c9c2eccc88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
theprovince
date
Sat, 27 May 2023 19:38:51 GMT
via
1.1 google
server
nginx/1.18.0
etag
"6b545a57201682ba3d8328c5e2d73394a905b900"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-w5cf2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33314
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 May 2023 19:38:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 May 2023 19:38:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ae4f0f45792d9e18953559ba99c7aa69755c289db2966d8874b087d9197161f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25141
x-xss-protection
0
server
cafe
etag
877 / 19504 / m202305230101 / config-hash: 5486929009166019583
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 May 2023 19:38:51 GMT
184635-232448041313322.js
js-sec.indexww.com/ht/p/ 		153 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521c60f0c979eeeabc2dcabee0d4ecdcc8c1c91e2654b4ea243d4957e4bd1ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 27 May 2023 19:15:26 GMT
server
cloudflare
age
1152
etag
W/"902073-262ff-5fcb1ad0c6201"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7ce0b874fa409229-FRA
expires
Sat, 27 May 2023 23:38:51 GMT
publishertag.js
static.criteo.net/js/ld/ 		125 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d3f41b6c541baf0c356852185992733c3aa80d957f4dcc66454e5149e0fc4816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-1f5ca"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 May 2023 19:38:51 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:14:16 GMT
content-encoding
gzip
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1476
etag
W/"d18b57a80b57082ffb531a2e077b3016"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
MjSIuo4RDAuSpeW43b6XUZVDFcuHGkVWBJvQ9oeyEl9usuIsED_5Iw==
14648.js
micro.rubiconproject.com/prebid/dynamic/ 		2 MB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/14648.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.242.37 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-242-37.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
db9b160b21a425588501b012896069a80b735a5777f5412878c233ce79f93563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
last-modified
Fri, 26 May 2023 19:40:51 GMT
server
Apache
etag
"14648_postmedia_pbjsRule_6Fri__26_May_2023_19:40:51_GMT"
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-14648_postmedia_pbjs.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
232545
expires
Sat, 27 May 2023 19:53:54 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 19:36:37 GMT
Content-Encoding
gzip
Via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
432135
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
yyAq1vVjI-2n6fe108FctvQeSLCfK_cZTEzPhJakyGO9uoSiDaMJhQ==
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c60b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BTW118FYSST2NZRF
age
2061
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VVoYvhVUjn4I4+el+kFDvTy+4TMhWGPwlyiQ6wfToQyOEzrNGXCBsX+pomyqM2bs2B6pvnodOu8=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM9FfhLUM3aotFnycAbe5w2Gy2JtD65PbaxCjs2nzNZKu3yRNo0pPqkKYK7jzHZKAtbnioysTKORF9yT92gYZoky%2FljzpoavLtyVafr%2BKr6CtmldCsbSxE41GhFPuZ89pVpDS5YIc0VCl2CVM3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
7ce0b875bf981d92-FRA
LoginRadiusV2.js
auth.lrcontent.com/v2/js/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/js/LoginRadiusV2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
3478
x-amz-cf-pop
FRA56-C1
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ce0b8754e4c3a4a-FRA
x-amz-cf-id
as7sHFUpWr9BSr7DAfwgCKLCELicL3yYLFJiN_ZjjxbiyQEL3g-72A==
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:32:20 GMT
content-encoding
gzip
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:08:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
392
x-amz-server-side-encryption
AES256
etag
W/"be0aea74754407f0a826a84e140dd5ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
QJmQiZ1aPdYZ_8KX71DuV4IEGefSsKLkASSIQn13Ohm5EyPyWwV1ZQ==
fem.js
fem.gprod.postmedia.digital/v82.0/ 		328 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v82.0/fem.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
397b0c276df8e407b6602657343774399a6ab46dd3729f446ef3c19b5bf25219

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:35:13 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684182693
age
266618
x-guploader-uploadid
ADPycdsnf5pED5r5-3Ilqxhwbb7IBV0T0xd3b6mPweAXihJ0dlgszisZQmfH9ehuH5SVYBPvin3EH1s4ZiJHZILD0nxy7w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95145
last-modified
Mon, 15 May 2023 20:32:21 GMT
server
UploadServer
etag
W/"95d3c5fa536f9b5dac9e39415aa3b5bb"
vary
Accept-Encoding
x-goog-generation
1684182741804995
x-goog-hash
crc32c=5mZNpw==, md5=ldPF+lNvm12snjlBWqO1uw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
335422
accept-ranges
none
content-type
application/javascript
Kelowna-front.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/04/Kelowna-front.jpg?quality=90&strip=all&w=150&type=webp&sig=u8_-d-L0JngEnj5dDexDKw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
c4b15462eb69d84a10e5e0a87679ce830d12e9e1cba6e18cde06e4ecfa3480e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Sat, 27 May 2023 19:38:51 GMT
via
1.1 google
server
nginx/1.18.0
etag
"889d945a148bfde5d1c4b1f022f977541cde7f04"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-98cxd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10712
air-canada-grounding-20230525.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/air-canada-grounding-20230525.jpg?quality=90&strip=all&w=150&type=webp&sig=6sxrsktln8DM23mVAI6iwg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
1b093683792ea4a0d3153059b66dce78e682c73f721b47b3ffaa4b114199a43b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 26 May 2023 15:19:26 GMT
via
1.1 google
server
nginx/1.18.0
age
101965
etag
"ca136718a6a113e3a2eaa90b530cc9b75d356c3f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-98cxd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4792
airlines-close-call-san-francisco.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/airlines-close-call-san-francisco.jpg?quality=90&strip=all&w=150&type=webp&sig=qmR_zU-mVAc8FphAz5ELDQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
7a18f3daec97cae3c67929546a656a8a47d25f7c14c8d6f1d7c6c88489db058f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 26 May 2023 20:30:29 GMT
via
1.1 google
server
nginx/1.18.0
age
83302
etag
"9f269c9d284eaee9fa31939998068c1a7aa52af1"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-98cxd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7022
CP167015453-scaled.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/CP167015453-scaled.jpg?quality=90&strip=all&w=150&type=webp&sig=nim9KluO0i8D7E8c2sbdPQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
a8391a011ea9ace90573a9d7d269c9df70614e149d594eb1e56893435c8b8d9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Fri, 26 May 2023 20:14:11 GMT
via
1.1 google
server
nginx/1.18.0
age
84280
etag
"d3388fa8a2767cd3b1360794ff1d2cc8750e416f"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-nld8q
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4158
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 22:48:48 GMT
x-content-type-options
nosniff
age
334203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 22:48:48 GMT
icon-generic-play.svg
dcs-static.gprod.postmedia.digital/13.6.3/websites/images/common-icon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/images/common-icon/icon-generic-play.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:25:16 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267215
x-guploader-uploadid
ADPycdvBrJdtIsQbMIWgXTVXjE2r9gi10VQdRTfW_bVrcGvGWxWE0VjNztPV-ABN2Koh3-tmKpv2ybDV8W_4adBGdf9Xqg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
last-modified
Wed, 24 May 2023 17:05:58 GMT
server
UploadServer
etag
W/"34ef0f992f9fa3f5a172353b887ba82c"
vary
Accept-Encoding
x-goog-generation
1684947958692783
x-goog-hash
crc32c=+OS2xg==, md5=NO8PmS+fo/WhcjU7iHuoLA==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
1091
accept-ranges
none
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 03:55:21 GMT
x-content-type-options
nosniff
age
143010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 May 2024 03:55:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7CRoboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 16:10:14 GMT
x-content-type-options
nosniff
age
358117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 16:10:14 GMT
icon-fire.svg
dcs-static.gprod.postmedia.digital/13.6.3/websites/images/common-icon/ 		835 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/images/common-icon/icon-fire.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:23:12 GMT
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267339
x-guploader-uploadid
ADPycduHSg0aLLJKqUdle86X5iKnI6pQOqPPt126opwk3xrdVsqGpIfTRChUDl63sNcHYDE6ejQnj_veAxDyA4TgmKWMZg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
last-modified
Wed, 24 May 2023 17:05:58 GMT
server
UploadServer
etag
"9c6e99306a671d196d8945273b28bfe8"
x-goog-generation
1684947958872974
x-goog-hash
crc32c=0k5Zig==, md5=nG6ZMGpnHRltiUUnOyi/6A==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
835
accept-ranges
bytes
postmedia-image-fallback.webp
dcs-static.gprod.postmedia.digital/13.6.3/websites/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/images/postmedia-image-fallback.webp
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:25:15 GMT
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267216
x-guploader-uploadid
ADPycdvcELnrO56QsXFZkkMnrPpDg8I0IVk0Kt_x2i5K1O0F5Ww-sD8NETlnnEwzWm0YxRfxTImecLyKDioPmCyFiOwEVw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2934
last-modified
Wed, 24 May 2023 17:06:20 GMT
server
UploadServer
etag
"496f3aa3adffbf2280dd5f74fb6eef8f"
x-goog-generation
1684947980180054
x-goog-hash
crc32c=Qpf2ww==, md5=SW86o63/vyKA3V90+27vjw==
access-control-allow-origin
*
content-type
application/octet-stream
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2934
accept-ranges
bytes
newsletter-envelope.svg
dcs-static.gprod.postmedia.digital/13.6.3/websites/images/newsletters/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/images/newsletters/logo/newsletter-envelope.svg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 18:40:26 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334605
age
262705
x-guploader-uploadid
ADPycduaif0JP-5FlOAp3mtKvhG8STSU2HG7FF3KUto3yTZJeSp2RSZ7UJKZ9zr6JJCvKJG3mxrCTscVUgSpB29-x0FEIw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
785
last-modified
Wed, 24 May 2023 17:06:18 GMT
server
UploadServer
etag
W/"dceb7ee8eaaaa05d55c1e22d2c5eab79"
vary
Accept-Encoding
x-goog-generation
1684947978308164
x-goog-hash
crc32c=58jl1w==, md5=3Ot+6OqqoF1VweItLF6reQ==
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2424
accept-ranges
none
shared.7b64a37a6c31.js
dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e8cb6904656301c79a9eb40a7419d96cfe4a370fc6424214e76d399ceecee50a

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:21:01 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334603
age
267470
x-guploader-uploadid
ADPycduKMhYrl8r3bBojGRGSywhMvfr78BfgZN8wfnvAdY4_WRNEvg6hUOIpu8UTA3fQ1qA4obk9Za-kljkglzQs-TxALYrFGahy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7396
last-modified
Wed, 24 May 2023 17:05:28 GMT
server
UploadServer
etag
W/"b8c844b407117fa356010a68377c28b5"
vary
Accept-Encoding
x-goog-generation
1684947928095515
x-goog-hash
crc32c=/xgrtw==, md5=uMhEtAcRf6NWAQpoN3wotQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
20699
accept-ranges
none
content-type
application/javascript
main.0a8f0fcdd478.js
dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/main.0a8f0fcdd478.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0a8f0fcdd478298e527c96f0a3d4251088619e6dc181f2e36a62c43c061a5169

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:21:01 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334603
age
267470
x-guploader-uploadid
ADPycdu4hm8rHCqNshtd4lkkIL37c2dsxjY8ATc5f4CzUQOYhZ4Q9MvNTgdrYqVNKYN7hVoBF5ruH7RDdlLB0E3lGzM_SERnWCGZ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31869
last-modified
Wed, 24 May 2023 17:05:28 GMT
server
UploadServer
etag
W/"8036302a7613e6b25a2bdd59f1f13e0f"
vary
Accept-Encoding
x-goog-generation
1684947928102477
x-goog-hash
crc32c=wdD41w==, md5=gDYwKnYT5rJaK91Z8fE+Dw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
94015
accept-ranges
none
content-type
application/javascript
xd.html
fem.gprod.postmedia.digital/v82.0/ Frame 7973 		165 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v82.0/xd.html
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6203791b307eb0658509916f0ea2d5dffe8a8c0c6f0dd22a2e05cf48d4f78c10

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
266617
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31622400
content-length
165
content-type
text/html
date
Wed, 24 May 2023 17:35:14 GMT
etag
"e4f416e960166637d0987ca13e1301e5"
last-modified
Mon, 15 May 2023 20:32:22 GMT
server
UploadServer
x-cache-hit
hit
x-goog-generation
1684182742892639
x-goog-hash
crc32c=JP1Uag== md5=5PQW6WAWZjfQmHyhPhMB5Q==
x-goog-meta-goog-reserved-file-mtime
1684182693
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
165
x-guploader-uploadid
ADPycdt4ELGV_DfNQg6sQNcvNzOQVGMU3L9KNCXncHniwKhaJi3FMbBNIRY24L4Y-BoSUM5sfCixM0x8nVTxFFNxKbSY8OtiSv8v
23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/ 		414 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae261f392f3ef581c6b62dfed9f3568bfcf676c01d8d2b9adcbf555e6217a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycduq7XpqLwQZxcENk5gj5jvjH6Yrh3YhyCjQT8awKdGwjJMrWcT__KMPhpRRAJF-_vbtcyls457P_CwKK256rkNrdwy6m6as
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 26 May 2023 20:32:52 GMT
server
cloudflare
etag
W/"d6bff6490ab3f591c090beea57840a3f"
vary
Accept-Encoding
x-goog-generation
1685133172348767
content-type
application/javascript
x-goog-hash
crc32c=tSffxQ==, md5=1r/2SQqz9ZHAkL7qV4QKPw==
cache-control
public, max-age=900
x-goog-stored-content-length
126798
timing-allow-origin
*
cf-ray
7ce0b8771daf18c5-FRA
expires
Sat, 27 May 2023 19:53:51 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 17:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
5972
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127382
x-xss-protection
0
server
cafe
etag
12178286523779166803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 May 2024 17:59:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		97 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=o.canada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa46724124435c3abbd6e6de0230700c968b624d6a1d22cb230b0c1d0c372631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69
x-xss-protection
0
expires
Sat, 27 May 2023 19:38:51 GMT
any
idx.liadm.com/idex/ie/ 		121 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-8-210.compute-1.amazonaws.com
Software
/
Resource Hash
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
12
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
trace-id
7b1799af57ec174d
content-length
121
rid
match.adsrvr.org/track/ 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184635
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
fd283a7b3e4b5fae649bcb1d46b25dda76025fdbcaecf737aa1b7f4ff88bde75

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://o.canada.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 26 Jun 2023 19:38:51 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		336 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3528&u=https%3A%2F%2Fo.canada.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
35e5a8881e34365a13399b7c568c2427717401560f9b6b41fdb75f904718e2e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 14:03:35 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
20115
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
336
x-amz-cf-id
O-1avXiNvrrsquPv7OQejOqTJDTibAkQrkQe3ZzDGc-ie0u2Np4zSA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
date
Sat, 27 May 2023 01:45:10 GMT
x-amz-cf-pop
FRA2-C1
age
64422
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wiZYrk-c-T-G3V1GULsbojN76v5IkpsnZlvc5oFcQ9cc-wnf0SaF-w==
14648-pbjs-floors.json
ads.rubiconproject.com/floors/ 		66 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/14648-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.242.37 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-242-37.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f3aeafb553691b6b5ac9e3a8ad59356db12e2e403d3071b3e7c1ad3661864a37

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
last-modified
Sat, 27 May 2023 18:40:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5924
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230527
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5547ccd000f55d51916dde9e7ba9e0c34b77445032d345abdfdbb25cc3d0b337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 May 2023 19:38:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
13075
x-jsd-version
1.0.1706
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
851
x-served-by
cache-fra-eddf8230115-FRA
x-jsd-version-type
version
etag
W/"640-J/bDiMmADhbOR0K46f1BfsfxsyQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
xd.js
fem.gprod.postmedia.digital/v82.0/ Frame 7973 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v82.0/xd.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/xd.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
05dac4ca590d8ff5f6cf34db26c2d508f186acf0e2f724bfbb97e32760a228a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fem.gprod.postmedia.digital/v82.0/xd.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:35:14 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684182693
age
266617
x-guploader-uploadid
ADPycdsgqM3vY0vNHBfYR2rK5p0J7iWIEKKd7DIIHRjeatqSC1DALwOrb2Z1r_0dqwH7ZFrYCtbO5bn6I9uKRYzpLAgo9g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17126
last-modified
Mon, 15 May 2023 20:32:22 GMT
server
UploadServer
etag
W/"c47114e66c3f801b54e1e265931ebcae"
vary
Accept-Encoding
x-goog-generation
1684182742927853
x-goog-hash
crc32c=L2jHTA==, md5=xHEU5mw/gBtU4eJlkx68rg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
51868
accept-ranges
none
1ba51690ba40b66286237.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/1ba51690ba40b66286237.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7da0d33a89be4251d763dbda1a4d43402bae9a24e35cacb99bda5f4b7a9f8bdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycdtlesh7HG5utXUO4SZpk9OhWxGpC2FyM4QQLTQuMWVmZGqiQSmYGsv-v3M9MEBQSXg0pLslVh2_eoQN43KG075QuQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6817
last-modified
Wed, 24 May 2023 17:06:26 GMT
server
UploadServer
etag
W/"6b2497b8a499e3ecc02bbb3e7aa58bb3"
vary
Accept-Encoding
x-goog-generation
1684947986055796
x-goog-hash
crc32c=BRHhlA==, md5=aySXuKSZ4+zAK7s+eqWLsw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22884
accept-ranges
none
a3abef1aea194bc54ce30.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/a3abef1aea194bc54ce30.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6333459bbba841d16299dfee81d2019bf4b4133760e6b375168a4b4ce03a9079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycdsY1Xzi7UizKRyvMtb9NqaVDcLyfFZPZ7hvHl0DFm8NuiTiru_itxqhSVV1iG1FDUxvjMDo2sqJYHTRLgshpfcraGyiBJh1
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2828
last-modified
Wed, 24 May 2023 17:06:30 GMT
server
UploadServer
etag
W/"b64e8b5cfcdcf8c0a79afea901dadb8c"
vary
Accept-Encoding
x-goog-generation
1684947990996167
x-goog-hash
crc32c=S9u9sA==, md5=tk6LXPzc+MCnmv6pAdrbjA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
6981
accept-ranges
none
d7b7f909a83ce871ab402.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/d7b7f909a83ce871ab402.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8c8e00657998fa7053b40cd7c9ae6440e52f436837f2dc9d7d79b02972b26fea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycduII-5Otg8Fsot3riYofJQLJxhxOXWnqRJmRrEPofWpwDmMc4fX1YcF32H1ZEq9PgCoGNq5YGH7tdDSaAsFESHZtb4kw68S
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10870
last-modified
Wed, 24 May 2023 17:06:32 GMT
server
UploadServer
etag
W/"1cb7d693fa2451194aea071be19ab3ab"
vary
Accept-Encoding
x-goog-generation
1684947992213306
x-goog-hash
crc32c=Sofd4A==, md5=HLfWk/okURlK6gcb4Zqzqw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
35379
accept-ranges
none
3ae1a9b93e2caf7693ac3.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/3ae1a9b93e2caf7693ac3.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0d64fe593085f9af4f1f012fab4c4bf995f191050cf9dc265376359b09aad1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycdt6hYPl2QuTYx92vx2Rz44X3Vi-Ll1o_-wqTT-09ekImpaaaZ2-7x5XnxAx7Dia5xu8oy79m-nD-OiksyvqBoGJqo5oE9LP
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3059
last-modified
Wed, 24 May 2023 17:06:27 GMT
server
UploadServer
etag
W/"f3817ada02a081b23a4b23776b9c208e"
vary
Accept-Encoding
x-goog-generation
1684947987951976
x-goog-hash
crc32c=CPpbLg==, md5=84F62gKggbI6SyN3a5wgjg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
8946
accept-ranges
none
9bc8db952ef51814b5a530.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		223 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/9bc8db952ef51814b5a530.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e629265ce159f0b2f8d8e319dca7ba986d055d8e27a80032e35e2e3fb3d96db5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycds9g6icBHUNH2gQiSAjZRW_ZMt0mKKIxf1x0vrOmKmqZdtfafnmgNqREcYPvkJAR0objT6GX382RmsBzqYGTWs5RQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
223
last-modified
Wed, 24 May 2023 17:06:30 GMT
server
UploadServer
etag
"b2f94fc8e6280408ce018fe8b638a480"
x-goog-generation
1684947990850040
x-goog-hash
crc32c=LcjKuw==, md5=svlPyOYoBAjOAY/otjikgA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
223
accept-ranges
bytes
87ed6e81580987164b0410.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/87ed6e81580987164b0410.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a46516b5b8a7c95a44494daab75b1ac61c7ed0eebccbc5be74c9d970553871de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycdszBiGP51WxcQUZcEpAvxUAZ3crPUtbezUyBwQpSJjtEndSotJzTEVzWqUpkJp14pa8Ea2FkomeFi4RgY8x1SnoVQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6799
last-modified
Wed, 24 May 2023 17:06:30 GMT
server
UploadServer
etag
W/"974ffaf053034dbf9baf7da0726ce414"
vary
Accept-Encoding
x-goog-generation
1684947990804732
x-goog-hash
crc32c=quMxGQ==, md5=l0/68FMDTb+br32gcmzkFA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
22492
accept-ranges
none
7173bf4992bf653cdd3842.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/7173bf4992bf653cdd3842.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f3e8467e7a1a6a4c6fcfd082fc55db45b7ae26ffd29750020bc46627f586f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:23:13 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267338
x-guploader-uploadid
ADPycds_JpPEREhQ2hW7omJ-0T_oo12R9fO9b9ayoNL7IVhuDnh_rlrjWje9GQZboafatbkcrAKHR1rh9Esce8L8rHRrEQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1073
last-modified
Wed, 24 May 2023 17:06:30 GMT
server
UploadServer
etag
W/"eebcaa62ba674f58ad137034e7a663e8"
vary
Accept-Encoding
x-goog-generation
1684947990612623
x-goog-hash
crc32c=Nq/B6Q==, md5=7ryqYrpnT1itE3A056Zj6A==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2462
accept-ranges
none
fbd9790e72664ed4dc6f24.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/fbd9790e72664ed4dc6f24.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c87d6317dfc3357442409c3486b46f806d9efc338034a9953b506079f3317df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:36:04 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
266567
x-guploader-uploadid
ADPycdsBxro3OopLjv0jWrIhVfAtsb3dyi1laEFVHLHVm5LHQ20Tjx37Y2sKTDU2klAgLQHYmvKfPXMu8yxf7fGIwbMFPEHNkw8T
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2834
last-modified
Wed, 24 May 2023 17:06:33 GMT
server
UploadServer
etag
W/"8fc95511ee44a3171a8b53b901289314"
vary
Accept-Encoding
x-goog-generation
1684947993168016
x-goog-hash
crc32c=KcpOOQ==, md5=j8lVEe5Eoxcai1O5ASiTFA==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
9525
accept-ranges
none
Robbins-California-Coast_277156002-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/05/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/05/Robbins-California-Coast_277156002-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=saApZPtYcGlo5cb5eYM3rA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f517e80a372959efa16f3bbf08a9ceeafce36ac992ee5c788423c967420ed673

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 26 May 2023 02:37:38 GMT
via
1.1 google
server
nginx/1.18.0
age
147673
etag
"62bccd37688e5103e9d3a3ce768928959fe01858"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-w5cf2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30156
MacNaull-Germany_277156302.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/05/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/05/MacNaull-Germany_277156302.jpg?quality=90&strip=all&w=344&type=webp&sig=-xCMq0tKgl2fW889GDv6Vw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
0a7ad0aa80b8acf6514d316e3b6bb569e1c9ee24d04acc661162968e36f9bd95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 26 May 2023 20:19:26 GMT
via
1.1 google
server
nginx/1.18.0
age
83965
etag
"c09d00d7a1e745dd281f399de645713911a45347"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-98cxd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33196
Pat-Lee-North-Carolina_277019964-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/04/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/04/Pat-Lee-North-Carolina_277019964-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=0qJxrqpx4d0kRS_GEi2tkQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
cd7f45bfc3e469b64553c67380fa2893450ffbb4fa843996af606e85730ddd2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Fri, 26 May 2023 13:02:09 GMT
via
1.1 google
server
nginx/1.18.0
age
110202
etag
"f20b3d15ceab82778c0cd60cc7534bf4c9bdfa97"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-cg844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31186
Nevada-photos-3_276711444-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/04/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/04/Nevada-photos-3_276711444-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=5ojM9uv2mc-RjkDAoyCNIQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
130e13eb24d2a1bd26df6130ee6aaad01830126aac9b1b64e09840bc38ab5add

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 27 May 2023 13:02:35 GMT
via
1.1 google
server
nginx/1.18.0
age
23776
etag
"8c0055865d7a8a74e3b26bd513276110c87b0ca7"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-xfbh9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29270
Robbins-Club-Med_275831266-scaled.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2023/03/Robbins-Club-Med_275831266-scaled.jpg?quality=90&strip=all&w=344&type=webp&sig=_MLdx_ya4XBeewqmHgPdGg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
9c18640014cb8be01b3712883cb601370a8a691b2910d616a188f8e916be280c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
nationalpost
date
Sat, 27 May 2023 19:38:51 GMT
via
1.1 google
server
nginx/1.18.0
etag
"01bc62d6d5605ec26707fbb3f182e4ec108dde07"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
miss
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-cg844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17576
daycare-wp.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/daycare-wp.jpg?quality=90&strip=all&w=344&type=webp&sig=IT4l-dauHvDDLAB3dTPIRA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
ccfeee3d2138ac952171cf8ab987412babcd8c3ac5fc818069357192214ef5fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 27 May 2023 02:00:20 GMT
via
1.1 google
server
nginx/1.18.0
age
63511
etag
"fe7e6acec6f041fa545a885a5de480caf8eea0f5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-98cxd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36088
pitter-e1685199119366.png
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2020/02/pitter-e1685199119366.png?quality=90&strip=all&w=344&type=webp&sig=YzbI1Ma8HQ4irgnynwyojQ
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
12449617b4f5c5d3d1d4af4a89e9978b2a7b0124dab80afad9b955482e8e2c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 27 May 2023 17:47:43 GMT
via
1.1 google
server
nginx/1.18.0
age
6668
etag
"4592ae6f8e89ad54e48a545aa22d3b10166004e5"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-xfbh9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9748
duff-mcpl-peter_277896464.jpg
smartcdn.gprod.postmedia.digital/windsorstar/wp-content/uploads/2023/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/windsorstar/wp-content/uploads/2023/05/duff-mcpl-peter_277896464.jpg?quality=90&strip=all&w=344&type=webp&sig=ssA39Zy1pE_I2lJJKiRM4w
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5a1b54a2c7830e5bbd856ee3dd0dadfc5933aba68713f57cd74d493164ad36df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
windsorstar
date
Fri, 26 May 2023 20:08:36 GMT
via
1.1 google
server
nginx/1.18.0
age
84615
etag
"48b50e2129244a0680c2c8084294486428c82dd9"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-nld8q
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6062
screen-shot-2023-05-26-at-2-10-28-pm-copy_277920766.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/05/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/05/screen-shot-2023-05-26-at-2-10-28-pm-copy_277920766.jpg?quality=90&strip=all&w=344&type=webp&sig=oqEYpgheptQT6mE_6dMt_g
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
f6bd1f3753fb744217ca54ab37d328b66be90cc0bdbc2f24489a84d7332deebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Fri, 26 May 2023 22:30:22 GMT
via
1.1 google
server
nginx/1.18.0
age
76109
etag
"7c295f873f9023838b3cce0a4e820502c9ea5c2d"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-w5cf2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37706
Makeover.jpg
smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/05/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/vancouversun/wp-content/uploads/2023/05/Makeover.jpg?quality=90&strip=all&w=344&type=webp&sig=46EDBB5mF9M85-AsrXelbw
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
59b5e7d5823555f7cd306e0eed3c58d07bd5ada8a86728a95ee49a6d38da81e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
vancouversun
date
Sat, 27 May 2023 18:10:06 GMT
via
1.1 google
server
nginx/1.18.0
age
5325
etag
"2a0a1349da245a22c8e3461f5e122c884ee0c2ad"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-xll99
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28696
GettyImages-1058684842-scaled-e1684463683965.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2023/05/GettyImages-1058684842-scaled-e1684463683965.jpg?quality=90&strip=all&w=344&type=webp&sig=JigHrCycYDwujJ__evkBFg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
18c34e687aa8137f1067f6fd430ea00a7c421a5111e39005a1fce14ca1482187

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
torontosun
date
Sat, 27 May 2023 18:01:00 GMT
via
1.1 google
server
nginx/1.18.0
age
5871
etag
"6d79a3facbb3502b3754f3f1e018feec299134bd"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-xll99
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20990
IMG_0236-scaled-e1684874451960.jpeg
smartcdn.gprod.postmedia.digital/lfpress/wp-content/uploads/2023/05/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/lfpress/wp-content/uploads/2023/05/IMG_0236-scaled-e1684874451960.jpeg?quality=90&strip=all&w=344&type=webp&sig=sPD_qPQPh6oSFMPUHPG5og
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
5b07b1e60b300014b6190f9ad13d038a7a9b73081296a4c547de0512b36d7147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
lfpress
date
Sat, 27 May 2023 06:26:58 GMT
via
1.1 google
server
nginx/1.18.0
age
47513
etag
"38bd0f3bdfa8e6e4db1de3e69342936af3672da2"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-sl4gl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51174
LDN20230310DR011-scaled-e1684945842147.jpg
smartcdn.gprod.postmedia.digital/lfpress/wp-content/uploads/2023/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/lfpress/wp-content/uploads/2023/05/LDN20230310DR011-scaled-e1684945842147.jpg?quality=90&strip=all&w=344&type=webp&sig=u4C9djuoK94wphdZEA30RA
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
b0324ecde9d575cc769a42fd340b720a09f511fa34e12e260b854ce251e36b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
lfpress
date
Sat, 27 May 2023 06:26:59 GMT
via
1.1 google
server
nginx/1.18.0
age
47512
etag
"7f24da02d6faff22357a0c0ecd2979e0573c0785"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-sl4gl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18104
gettyimages-1141433541-170667a.jpg
smartcdn.gprod.postmedia.digital/lfpress/wp-content/uploads/2023/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartcdn.gprod.postmedia.digital/lfpress/wp-content/uploads/2023/05/gettyimages-1141433541-170667a.jpg?quality=90&strip=all&w=344&type=webp&sig=SyuIUZRVn0b6rH5Sf93Wtg
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
221.157.149.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
42c4ceb442ec4245367fc2c76922dcbbf6085c69dc6d287ca92fa5490770ec9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-pmd-smartcdn-requester
lfpress
date
Sat, 27 May 2023 06:26:59 GMT
via
1.1 google
server
nginx/1.18.0
age
47512
etag
"a8ca5f072affb25d003c9e55dd1d16939270d9cb"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000,public
x-cache-hit
hit
x-pmd-smart-cdn-proxy
thumbor-proxy-5849dfbd96-fmlz7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29194
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 27 May 2023 19:53:51 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.53.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-53-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 27 May 2023 19:38:52 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.53.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-53-223.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sat, 27 May 2023 19:38:51 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
8f83a7dc0285566ea8fe22.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/8f83a7dc0285566ea8fe22.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3e0133b42ed23b2ee0a01c604b0046bb54e2f509bbf4ffcf1c57d71e932c6853

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycdsIuGxLEWHtocOl4275TsWfR5ZAytPLFKeF0OcWGEQjKbuezKzzUAw_wx55_GlZklPfcwv8oLIOjfq2UGTzm-IS0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1961
last-modified
Wed, 24 May 2023 17:06:31 GMT
server
UploadServer
etag
W/"c3f159a7db54e29e01e1eef58c89c51f"
vary
Accept-Encoding
x-goog-generation
1684947991015118
x-goog-hash
crc32c=iR5sHA==, md5=w/FZp9tU4p4B4e71jInFHw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
5423
accept-ranges
none
4a1357c0930f5e0cf8f44.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/4a1357c0930f5e0cf8f44.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6313e6609a6c80b05b8ca6fca1727d8bd2463899ddc7be7bc75dc4449391b979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:19:27 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267564
x-guploader-uploadid
ADPycduiBL2niIcWpVm3Uif8Crd8jFdSquDUHxjDyh08sHtzlaQ8nZDMXymSvWY7B-74ahLWetYLijwy-vHwEIjyhnHX2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3485
last-modified
Wed, 24 May 2023 17:06:29 GMT
server
UploadServer
etag
W/"9156e39232b8cd08adee9866325181aa"
vary
Accept-Encoding
x-goog-generation
1684947989354731
x-goog-hash
crc32c=tzx0uA==, md5=kVbjkjK4zQit7phmMlGBqg==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
12783
accept-ranges
none
94bf9f2f73000e31a3e917.js
dcs-static.gprod.postmedia.digital/13.6.3/websites/js/ 		2 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/94bf9f2f73000e31a3e917.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/CACHE/js/shared.7b64a37a6c31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4ffc1773bdd73a5c097967d6b3525248143161edfc13c8436c1f4f8afaba6a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:21:03 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684334604
age
267468
x-guploader-uploadid
ADPycdvGwTcmh6A5RJRoxqPKENQMJsO5ph4ZIwxGaagn1b3BmulDbpOx8oLBhb277qfibdnL80GlgXClyiAKtDEfAE1nqg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
970
last-modified
Wed, 24 May 2023 17:06:30 GMT
server
UploadServer
etag
W/"9a7abac75c889918346dd3f2f5c45ddf"
vary
Accept-Encoding
x-goog-generation
1684947990708053
x-goog-hash
crc32c=RagXJg==, md5=mnq6x1yImRg0bdPy9cRd3w==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
2483
accept-ranges
none
pxid
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/ 		46 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/v2.0/pxid?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
046cde1bc76b60aa1178cd679b263171008e5e8c2f525424ac559c7fc62303b9

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:51 GMT
AN-X-Request-Uuid
cecc3a79-eebb-4e7f-b497-9fc51e96a10c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
cdn.permutive.com/models/v2/ 		50 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/23dc09d6-b664-425a-a76e-0eed6a6cc102-models.bin
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b02fe84a03f487198c283a75e646513b698a38b09954e9bf399c304eb9d845d

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
23dc09d6-b664-425a-a76e-0eed6a6cc102
age
0
x-guploader-uploadid
ADPycduqMy_UpM10TkM8fC60nUd5Mxm9Ii2gPoYU5YZ_0MlPDkECqg1MLgzEkepjGDCYxudqDSL4RAL9QvnWtRuez46wVg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
34756
last-modified
Tue, 23 May 2023 15:58:19 GMT
server
cloudflare
etag
"ac5868c8af1279a762ea4a9f5d325cd9"
vary
Accept-Encoding
x-goog-generation
1684857499515302
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=MOUhxw==, md5=rFhoyK8Seadi6kqfXTJc2Q==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
34756
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ce0b8799f2c5b86-FRA
expires
Sat, 27 May 2023 19:38:51 GMT
geoip
api.permutive.com/v2.0/ 		260 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c567910f6e69563b1e17802a1c9a915f910a3b5e8ff1fa392cd4e9498fa1bae0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
watson
api.permutive.com/v2.0/ 		317 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
fbe2776528321e86eab1c9f37320995207af2ddc97a41f452b022e7a2495c987

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219
pub
pixel.adsafeprotected.com/services/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:ad-1,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-2,ss:%5B6.6,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-1,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-3,ss:%5B7.7,1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-2,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-4,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-3,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-5,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-4,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-6,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-5,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-7,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-6,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-8,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-7,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-9,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-8,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-10,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-9,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-11,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-native-10,ss:%5B5.5%5D,p:/3081/ccn.com/index,t:display%7D&slot=%7Bid:ad-12,ss:%5B1200.250,1200.90,970.90,970.250,728.90,300.250%5D,p:/3081/ccn.com/index,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=18d4639d-5b49-3c2a-4918-7449aaa8d1bf&url=https%253A%252F%252Fo.canada.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.254.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3a921fc263156c68a1d94f8610a71bf2935c2fe754f144df2bf7d028d63fe83f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
server
nginx
x-server-name
app07.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3528&u=https%3A%2F%2Fo.canada.com%2F&pid=UU1WqLH1Bgj6C&cb=0&ws=1600x1200&v=23.517.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-2%22%2C%22s%22%3A%5B%226x6%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-1%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-3%22%2C%22s%22%3A%5B%227x7%22%2C%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-2%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-4%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-3%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-5%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-4%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-6%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-5%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-7%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-6%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-8%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-7%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-9%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-8%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-10%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-9%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-11%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22ad-native-10%22%2C%22s%22%3A%5B%225x5%22%5D%7D%2C%7B%22sd%22%3A%22ad-12%22%2C%22s%22%3A%5B%221200x250%22%2C%221200x90%22%2C%22970x90%22%2C%22970x250%22%2C%22728x90%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
4C64QG829SQ4QBR6B2N3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
YDDa7HQBkjlzACQxSs3qqhRKrHjDKcKSiPwUY_Xw6yRoQXCHCOnMyg==
0bbe836f-b5f9-49a5-9488-5267082222ed
https://o.canada.com/ 		145 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/0bbe836f-b5f9-49a5-9488-5267082222ed
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52b3f43439c71fbf5639e3189f18527d05e14837c946b919e6157b49b7e64067

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
148596
Content-Type
815180de-0e0c-4ba0-b2c7-d2b99ceb6893
https://o.canada.com/ 		145 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/815180de-0e0c-4ba0-b2c7-d2b99ceb6893
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52b3f43439c71fbf5639e3189f18527d05e14837c946b919e6157b49b7e64067

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
148596
Content-Type
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e6f52df7fa0683f518bd3e179288f2787ee9ee0d7ae3813d7068fea20bb8d61a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
bid
ap.lijit.com/rtb/ 		25 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e99071d93ea49f838bf41f2f7a9f34c2ec8bcc3eb84f9ec401c2e537e843b69e

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 May 2023 19:38:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=136&profileId=185&av=35&wv=7.40.0&cb=80498983210
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
postmedia-d.openx.net/w/1.0/ 		72 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fo.canada.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=55603fe8-caa1-4d70-a766-df66113b417b%2Cfe364454-b1b9-4c0b-b2ac-19fccfc6cdc4%2Cb5a87001-9c32-460e-b8b0-40e05f717a49%2C5944f589-6f61-4a13-8871-2f241082d211%2C314bec5b-7db5-437a-8a32-d7cac81fd52f%2C72ff462d-4e9e-49f5-b9ba-e36e99da678d%2C136669ae-3116-4fff-a7a8-c5e65c0696a1%2C5fccd463-8477-472f-84cc-617f4e9680df%2C93430887-5f7e-41a0-aa3d-0eabf0793f10%2C65aa1231-5fde-4ffa-9878-319684518951%2C1afef28d-b853-41f5-8cea-dcd06e66b7ce%2Cda3f0f8d-4c6d-4b11-9df8-de9375e3a6eb&nocache=1685216332023&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=b487f78d-3c9a-4a5c-92f4-72f716d86a97&aus=970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250%7C970x90%2C970x250%2C728x90%2C300x250&divids=ad-1%2Cad-2%2Cad-3%2Cad-4%2Cad-5%2Cad-6%2Cad-7%2Cad-8%2Cad-9%2Cad-10%2Cad-11%2Cad-12&aucs=%252F3081%252Fccn.com%252Findex%2523ad-1%2C%252F3081%252Fccn.com%252Findex%2523ad-2%2C%252F3081%252Fccn.com%252Findex%2523ad-3%2C%252F3081%252Fccn.com%252Findex%2523ad-4%2C%252F3081%252Fccn.com%252Findex%2523ad-5%2C%252F3081%252Fccn.com%252Findex%2523ad-6%2C%252F3081%252Fccn.com%252Findex%2523ad-7%2C%252F3081%252Fccn.com%252Findex%2523ad-8%2C%252F3081%252Fccn.com%252Findex%2523ad-9%2C%252F3081%252Fccn.com%252Findex%2523ad-10%2C%252F3081%252Fccn.com%252Findex%2523ad-11%2C%252F3081%252Fccn.com%252Findex%2523ad-12&auid=558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301%2C558243301
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6d0671d81aa240f957042f1f338ac28a8c0ddb2364eb4288805b9aec5037b58e

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://o.canada.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596708&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=b487f78d-3c9a-4a5c-92f4-72f716d86a97%5E1&rf=https%3A%2F%2Fo.canada.com%2F&tg_i.page=https%3A%2F%2Fo.canada.com%2F&tg_i.domain=o.canada.com&tg_i.aupname=%2F3081%2Fccn.com%2Findex&tg_i.pbadslot=%2F3081%2Fccn.com%2Findex%23ad-1%3B%2F3081%2Fccn.com%2Findex%23ad-2%3B%2F3081%2Fccn.com%2Findex%23ad-3%3B%2F3081%2Fccn.com%2Findex%23ad-4%3B%2F3081%2Fccn.com%2Findex%23ad-5%3B%2F3081%2Fccn.com%2Findex%23ad-6%3B%2F3081%2Fccn.com%2Findex%23ad-7%3B%2F3081%2Fccn.com%2Findex%23ad-8%3B%2F3081%2Fccn.com%2Findex%23ad-9%3B%2F3081%2Fccn.com%2Findex%23ad-10&tk_flint=dmpbjs_v7.40.0&x_source.tid=55603fe8-caa1-4d70-a766-df66113b417b%3Bfe364454-b1b9-4c0b-b2ac-19fccfc6cdc4%3Bb5a87001-9c32-460e-b8b0-40e05f717a49%3B5944f589-6f61-4a13-8871-2f241082d211%3B314bec5b-7db5-437a-8a32-d7cac81fd52f%3B72ff462d-4e9e-49f5-b9ba-e36e99da678d%3B136669ae-3116-4fff-a7a8-c5e65c0696a1%3B5fccd463-8477-472f-84cc-617f4e9680df%3B93430887-5f7e-41a0-aa3d-0eabf0793f10%3B65aa1231-5fde-4ffa-9878-319684518951&l_pb_bid_id=54fb65ce92263e6%3B557b6f8e29aedc9%3B568621680c56d15%3B5738895b8b8f865%3B581300db5b516f%3B595bcbbee08457e%3B606900d84397331%3B61f8b3e194f13c9%3B62ef4e46fdfa6f9%3B636d7d26f50114b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2Fccn.com%2Findex%23ad-1%3B%2F3081%2Fccn.com%2Findex%23ad-2%3B%2F3081%2Fccn.com%2Findex%23ad-3%3B%2F3081%2Fccn.com%2Findex%23ad-4%3B%2F3081%2Fccn.com%2Findex%23ad-5%3B%2F3081%2Fccn.com%2Findex%23ad-6%3B%2F3081%2Fccn.com%2Findex%23ad-7%3B%2F3081%2Fccn.com%2Findex%23ad-8%3B%2F3081%2Fccn.com%2Findex%23ad-9%3B%2F3081%2Fccn.com%2Findex%23ad-10&slots=10&rand=0.02854194102151486
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
996c93bbc3ba3134a6412b19903690c9ecef4a6b7d91dea2f718d51660e3155a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://o.canada.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		489 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14648&site_id=359816&zone_id=2596708&size_id=15&alt_size_ids=2%2C55%2C57&eid_pubcid.org=b487f78d-3c9a-4a5c-92f4-72f716d86a97%5E1&rf=https%3A%2F%2Fo.canada.com%2F&tg_i.page=https%3A%2F%2Fo.canada.com%2F&tg_i.domain=o.canada.com&tg_i.aupname=%2F3081%2Fccn.com%2Findex&tg_i.pbadslot=%2F3081%2Fccn.com%2Findex%23ad-11%3B%2F3081%2Fccn.com%2Findex%23ad-12&tk_flint=dmpbjs_v7.40.0&x_source.tid=1afef28d-b853-41f5-8cea-dcd06e66b7ce%3Bda3f0f8d-4c6d-4b11-9df8-de9375e3a6eb&l_pb_bid_id=64e4ec7acdbeb78%3B65af97744c0cd9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F3081%2Fccn.com%2Findex%23ad-11%3B%2F3081%2Fccn.com%2Findex%23ad-12&slots=2&rand=0.19380318780923278
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0568a981c6d278171ed16cea129345e0830efd6961f52f6d0a18cf5a9ec798ab

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://o.canada.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34b975a2426ef2d404900c569fc27ada7142c609651a6d663a17bb1c2437c0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMpraRVJVj5jpuWTNdtaC7K6J7%2F5DEV5BgBISJ27ONdKNqaZoJtzm10zX6lqFxQv0tR%2BOEgJ0S9Ez1jyQ88ccjr%2B9EkSX%2Be2XFCQRzapxcae9gzEOe1vfurUZ%2Bn45C3uE5Sf83I%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ce0b87b9e36bbef-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=901899
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34b975a2426ef2d404900c569fc27ada7142c609651a6d663a17bb1c2437c0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNsueW5RrhxrvQzVuK8h5utoAOS8lArvxfpHsntQpOTslJyedp4uhOr0GU2LyjoojQBK1TRJoc5tl4GA7VbuL1safifDkDjGE%2BLndhRenHvGCBC7lzXdUmx7eGZcVFk2I2LfrDU5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ce0b87b9e39bbef-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f016ddf9b7cf2f36bd88f84f3998c63416018ac2ed2e1c92c89902f2bfe96b97
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 May 2023 19:38:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a7faabf8-7890-4af7-9cde-4aac456fb312
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
o.canada.com/api-root/media/videos/playlists/zNackYHG/player/json/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o.canada.com/api-root/media/videos/playlists/zNackYHG/player/json/
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/1ba51690ba40b66286237.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.249.109 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.249.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
157b442e6d6e6a28cfd285812d594c1ae137c091bdba8ce3f0998cf48a6fe481
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-content-type-options
nosniff
content-encoding
gzip
x-envoy-decorator-operation
pmd-nginx-proxy.nginx-proxy.svc.cluster.local:80/*
via
1.1 google
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
referrer-policy
strict-origin-when-cross-origin
last-modified
Saturday, 27-May-2023 19:38:52 GMT
server
istio-envoy
x-pmd-backend
pmd-nginx-proxy-69b5d4b46c-lhgm9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Accept, Cookie, Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
cache-control
max-age=900,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
permissions-policy
autoplay=(*), camera=(*), display-capture=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), microphone=(*), payment=(*)
expires
Sat, 27 May 2023 19:45:20 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
d7b1b3bba4522fefd3ef145be0d9d3e1abe4659efa57d5488369edd360513f27

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer b9d3df2fccd108b5eff3c44f573b2cd6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://o.canada.com/
x-referring-url
https://o.canada.com/

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
194
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://o.canada.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Sat, 27 May 2023 19:38:52 GMT
syncframe
gum.criteo.com/ Frame 575E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=o.canada.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 19:38:51 GMT
server
Kestrel
server-processing-duration-in-ticks
513113
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
segment
api.permutive.com/adv/v2/ 		14 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESELqA1zHWdNRtN7btFRLQBqs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESELqA1zHWdNRtN7btFRLQBqs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c&google_cver=1
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESELqA1zHWdNRtN7btFRLQBqs&error=&type=ddp&k=21ec23a2-b38a-456e-b801-e5877a041482&u=6ab5bdae-36a2-4e08-bc44-584fe5f5038c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 575E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=canada.com&sn=ChromeSyncframe&so=0&topUrl=o.canada.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=WWxDL3x6R0ZVUWhRQllNSVJwdDFvQmNWUDJ2RGRhQTMycFRBaFFZOHc3Kzl4eGw3cjRSN3ZjM1h4Z0U5bWVZWXVDM1RmWmtnUi9XUVlpeGxhVmNCaHkzd0dRVjZIaDZESzJLMFN6bzdLa3lOYy9hUUU2bzd3VXJ6T3BMaW...
444 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WWxDL3x6R0ZVUWhRQllNSVJwdDFvQmNWUDJ2RGRhQTMycFRBaFFZOHc3Kzl4eGw3cjRSN3ZjM1h4Z0U5bWVZWXVDM1RmWmtnUi9XUVlpeGxhVmNCaHkzd0dRVjZIaDZESzJLMFN6bzdLa3lOYy9hUUU2bzd3VXJ6T3BMaWRhMDE1WFV6V0hTWFFDR2lvYUpMVTl6S09YNTFmOTVaRXl3MktYQlNFdXNmVHhxOS9GWVBNZ1M4YVZlRzR1VVlaaHZlcmpCMi9FRVZzMUwyODMybDlTQlRCd0hyQ3dTM3UzcTlnbnRhTHhGdXpIRElpSWlsZW1peklZTytJcm5SUTlsSUpDU2szcFNaUFY5Y0hDVW9vb1NLSjZJNHNoQT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dfd837b82b661aeea11d0f9d20ccac772463b36a515b021a55d95d3b97ea81ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1661700
expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=WWxDL3x6R0ZVUWhRQllNSVJwdDFvQmNWUDJ2RGRhQTMycFRBaFFZOHc3Kzl4eGw3cjRSN3ZjM1h4Z0U5bWVZWXVDM1RmWmtnUi9XUVlpeGxhVmNCaHkzd0dRVjZIaDZESzJLMFN6bzdLa3lOYy9hUUU2bzd3VXJ6T3BMaWRhMDE1WFV6V0hTWFFDR2lvYUpMVTl6S09YNTFmOTVaRXl3MktYQlNFdXNmVHhxOS9GWVBNZ1M4YVZlRzR1VVlaaHZlcmpCMi9FRVZzMUwyODMybDlTQlRCd0hyQ3dTM3UzcTlnbnRhTHhGdXpIRElpSWlsZW1peklZTytJcm5SUTlsSUpDU2szcFNaUFY5Y0hDVW9vb1NLSjZJNHNoQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
297206
content-length
0
expires
0
comscore.js
storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/ 		168 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/pmd-dev-northamerica-northeast1-asset-analytics-pub/js/comscore.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/d7b7f909a83ce871ab402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:29:37 GMT
age
555
x-guploader-uploadid
ADPycdtUha0LPdUKfaePWzZlpmhxI4P9s4ZZIQyzYfrlujexDchkVtWEPFLMS-nEja8cHGms03nzIwGOTYfF7u1lzpEbYA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171739
last-modified
Tue, 13 Sep 2022 19:04:43 GMT
server
UploadServer
etag
"702fb2c84c6e8b364a6130cb860c7987"
x-goog-generation
1663095883714722
x-goog-hash
crc32c=aQkgGQ==, md5=cC+yyExuizZKYTDLhgx5hw==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
171739
accept-ranges
bytes
expires
Sat, 27 May 2023 20:29:37 GMT
pub
pixel.adsafeprotected.com/services/ 		318 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=928934&slot=%7Bid:jw-ad-1,ss:%5B640.480,480.360,480.361%5D,p:undefined,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=18d4639d-5b49-3c2a-4918-7449aaa8d1bf&url=https%253A%252F%252Fo.canada.com%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.254.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c3a003424fdc5c7ba1339e2c50ceb6258f97ce0cbe66bac53e501a8738ffacc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
server
nginx
x-server-name
app02.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
1OTw6MM0-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/i1NwCb4d/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-320.jpg
36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
839a68170ae2c8492bbe3343524ec1624c89faee075b3050b463c46d76d66320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
833
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
37306
x-served-by
cache-iad-kiad7000043-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 19 May 2023 23:42:06 GMT
server
nginx
x-timer
S1685216332.287241,VS0,VE2
etag
"773152190962122c06228a8b275ae11a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
42, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
UsBayrMkkcveoYMikRozxppzHrkfMVuMHnOBesAWJifWGxD0zcukgw==
4NGoCqww-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/p5FnRyz1/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/4NGoCqww-320.jpg
19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/4NGoCqww-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf96e8e7424834be82290513e2f34cb3d989bc5c2e18e2111d3eb05f7fdab160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
402
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
19928
x-served-by
cache-iad-kiad7000140-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 19 May 2023 01:36:51 GMT
server
nginx
x-timer
S1685216332.287054,VS0,VE1
etag
"69c29deac01797c9bddaa83faf0828f8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
32, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/4NGoCqww-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
OYSRVqBtaX8P8HiEIHJzmDTMdMkTnnltGpECX4pO4LuAjszgMQIz1A==
sIeJ215f-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/Vh55oi1l/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/sIeJ215f-320.jpg
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/sIeJ215f-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82c7bf61bd2ac73e4b63c989a540ff9c65aa89936fdef83ca11373184ec19f73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
572
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20469
x-served-by
cache-iad-kcgs7200080-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 05 May 2023 15:08:37 GMT
server
nginx
x-timer
S1685216332.287041,VS0,VE2
etag
"12cfe127a58067dfdbec075223b4b1d1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
44721, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/sIeJ215f-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
fSf0GwNAFcg-aRE22X8JUcvKfib3393FHQPPFOhO6tqpt3hNoXC_Sw==
P6eQ4G6L-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/kAvaUp45/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/P6eQ4G6L-320.jpg
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/P6eQ4G6L-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8fbab9820deb30395b3d600a8cbd695bf02b389d78b5400fb3943f11378461d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
404
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
27698
x-served-by
cache-iad-kiad7000027-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 03 May 2023 00:03:18 GMT
server
nginx
x-timer
S1685216332.287801,VS0,VE1
etag
"62463f29df225a1a190b28a45f77e9a1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
17558, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/P6eQ4G6L-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
RLaalgodvoB0C7pCKKCAyJxtEVU7xlY5zMC2HXWM4s7hLOFffKGdyg==
vm68jiec-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/EDUYXJaI/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/vm68jiec-320.jpg
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/vm68jiec-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc5063025dc22c3305bfc452b2aa116b17c01dedb1917c803d4ca835c60f26f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
404
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
26716
x-served-by
cache-iad-kiad7000116-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 02 May 2023 23:53:10 GMT
server
nginx
x-timer
S1685216332.287805,VS0,VE1
etag
"ca4b45f992f76646b008c760ece07e14"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
56268, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/vm68jiec-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
SpmeElJ-mZ0IE550LqlOcB3MByr0E3bHmjdB3vV91P7YjV_PJJQM5g==
XfS4caFq-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/XwSvaCKl/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d313757775c99965549cd4798be91e2c9514bd5e27436f3ba7e5e9ad5f1c787d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
834
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
29496
x-served-by
cache-iad-kiad7000117-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 20 Apr 2023 17:03:30 GMT
server
nginx
x-timer
S1685216332.288121,VS0,VE4
etag
"d85c1bce678a8e4f7bc3267db99e3fef"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
48017, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/XfS4caFq-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
NOUqg8t0PzaQImOhv6dnJZQm7fOkPsMoI4gnKpJ5SYOuWDAw3wDgIw==
0z1m5a4b-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/mVlrGuYl/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
092cd9c4826b6efb6273c803188196fd09f420563712dea4adcecb61a26fc83b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
536
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17570
x-served-by
cache-iad-kiad7000095-IAD, cache-fra-eddf8230085-FRA
last-modified
Wed, 19 Apr 2023 19:26:46 GMT
server
nginx
x-timer
S1685216332.291876,VS0,VE1
etag
"818f5d4f5fcecfb0282c9119e5f172a8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
45897, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/0z1m5a4b-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
g4NQuEMEDx_uQiPuvTvlP2BJZog3iAvYTuLF0vdRVoaesQhQvrEGUg==
9zutyodg-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/NHIZTWRz/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
581d258b926c1cb7d85cd813ab77712c0c7b0ab3c3efdbe98a8cec08a6674060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
536
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
16327
x-served-by
cache-iad-kcgs7200114-IAD, cache-fra-eddf8230085-FRA
last-modified
Mon, 17 Apr 2023 22:19:30 GMT
server
nginx
x-timer
S1685216332.288093,VS0,VE2
etag
"2b9aac04d655ea938e70468c88f46165"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
61095, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/9zutyodg-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
2FA_zhYLvsHkFOjfQ8dxSaqTkrzcuKDtBtsavHn6DLKiBDnBIUy3sA==
g4mcmyw7-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/pk7viBG8/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab31f40034920c1b534146957bf16fd87455ee28193b564863bae4014b6fc9c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
536
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
43647
x-served-by
cache-iad-kcgs7200170-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 13 Apr 2023 20:14:19 GMT
server
nginx
x-timer
S1685216332.291884,VS0,VE1
etag
"0241fca92d3fc10bbe3586df36e8ba7a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16211, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/g4mcmyw7-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
iU4MsShbwuoi1N-15mUqfJkDrULaDBnxTvlAbQWmHCaXfi611eIF1w==
dS3xXVaJ-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/YXE9HtHO/poster.jpg?width=320
  • https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-320.jpg
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-320.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
142a3e7ac7a64085af0b0c2bf9b3752e4cc872368d33e59e329b16c7324c7abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
536
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
17598
x-served-by
cache-iad-kcgs7200098-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 26 May 2023 21:26:43 GMT
server
nginx
x-timer
S1685216332.288371,VS0,VE1
etag
"80ab7f249783a9b8f3271bccd3899051"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
37, 1

Redirect headers

date
Sat, 27 May 2023 19:36:12 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
160
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-320.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
6TlP2oxgwXaijtC54LpwA00AsXWm3Vb12OkugJQTE8_T1IlZ_3J1EQ==
IrYAVodh.js
cdn.jwplayer.com/libraries/ 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/IrYAVodh.js
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/d7b7f909a83ce871ab402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
50f199dcd6d278a30ab75b6080de3d84230cb2653b71b6189b099fe83a9fe932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41716
x-amz-cf-id
FMv52OetvQZcKmYnXa5Alk6DD6Q4P-vZPdLkcgfiyP4-LcQUK-USHQ==
zNackYHG
cdn.jwplayer.com/v2/playlists/ 		54 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/zNackYHG
Requested by
Host: dcs-static.gprod.postmedia.digital
URL: https://dcs-static.gprod.postmedia.digital/13.6.3/websites/js/d7b7f909a83ce871ab402.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
efc53377f4d6ddf161449d1492a7e95e5a3047e60a3fde2096f6ef60e5740366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7069
x-amz-cf-id
vSADN9E4jTqcawzsMGzZyEksXbPaaBn4jy2gd5MXk67dzvuqSEG7Yg==
expires
Sat, 27 May 2023 19:41:52
arj
postmedia-d.openx.net/w/1.0/ 		131 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia-d.openx.net/w/1.0/arj?auid=542276131%2C542276130%2C542276129%2C542276139%2C542276136%2C542276134%2C542276132%2C542276150%2C542276147%2C542276144%2C542276141%2C542276121&aus=300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90%7C300x250%2C728x90%2C970x250%2C970x90&ju=https%3A%2F%2Fo.canada.com%2F&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._kdpWvOPT&cache=1685216332463
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7e6decac19fd0c3781c39cb76b145a5a0c8c3fd9d61d12a927ab92218de051f3

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://o.canada.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f8e12268024b715976ba5c61881b5b71b6c5fc69274ca719aa0e2ab2c931f88e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 27 May 2023 19:38:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d52d7d47-b71a-4a58-b28a-aa80c25a34b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://o.canada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		30 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=307796
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5104af059a91f8576592b517d137cc786070c751cd4cae8d7b73b01f95464868

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4%2FsBLCSd9m4JwFmqah9cc78K29MmL8Z0atoX4r%2FVkdIK53j2g0BXGwthW%2BxwfZ2xKCiJMkr6e0qcMIlPNtAiHrhOxKnGjxS0%2FgN7jJk22%2BjDkSkD54a3deyr6YOvN5ZDTmZPPAW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ce0b87dfa26bbef-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4f7901cc&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
f752049597d1c8a2b8bd225b51a08db1e343b4fe9a858c7bdb64b964275bce5b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4e6901cb&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
cf055e47c5607c22a40a02764df29b201e8857cd1b33068c49d577eb523caf07

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4b9b01c9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
d98fc36398ceb0caf0b009adf726d48cb63cfd0b86db44222e9fc9fae738c02a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4cca01ca&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
6292f2cb5bdb20a863125959893059985cf8eb116d75afd32fe14d29e2ab030d

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c4a9201c8&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
25ddcd80c1ba9e735ec4683503dd10012b3a9f45caa886c3d802d3951b2a7110

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c487901c6&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
fa6fda99fa2298f5ebf31f3e002be0433295910cec3b9af91d36d53755ce465f

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c475b01c5&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e8daa8b2701ceb6cef516ddc0e8e55779d295b1688f5380519c34f921cfdcf35

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c498a01c7&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
087da2610678f383fc3898e883d34de5ef9ae4db4d10523800756ab60a2be4e6

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c445501c2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
aa7bf97144cb009f548c28ebacfdb9966326bb146bafcdeb080b0b5560b7c59a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c454701c3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
29ad382967634c893d153d44e6dc750b7152d4f1081b29830a88e287c7b04a69

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c464101c4&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
0767698a5bde527a511f3ad283caef356b21ec959b49cdb3fcae7e86967d7cc3

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c435501c1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
5325ba079d494d36eef5597080cdcd4d480a1df663b63f417365151c4c1a61e1

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c82c801f6&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
03438256d784864b17e07498b4a0615d9b174797334f3f793b0582e78fdeaf3f

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c857001f8&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
7afbee212e2315c196d65ca0f125b67415908b887f4f7e5bd74483e81f954e7f

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c841201f7&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
6d4a9ee7f58b9b498e8a8026236893a66a8fc2534308b212e2bfbbac90dcad2e

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c817101f5&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
4e5ee5c8c55d6343189ef4eb44ee0121cd21bf33c121f04ce9d8b993e842ad8e

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c802601f4&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
df25a31de249ff235f878f1c52b5db7e26dc5356f7ffc2540479d5d40065e226

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7d9301f2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
7a9cadef842ac5fd63b4217e5e26a1f9d478cc3cb116bf214f052fecdd388f73

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7c4f01f1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
f4c223271b5f2e493355f3c0d48386f728a17a171cb7f6b6ac0cca2f659cc648

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7ed101f3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
f9a35f9ba03f74baf56efe8147142ac3863d9c21650fe111ebe8369bf0edfd3e

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c772401ed&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
af101dbfbf915cf16c9b3c8d60576c6bfa1a9241ddd8c3e2b9b9a0f9f83990e7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c787001ee&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
43754ff3e0735491ab7c0a2e7c72e71447fae006ad48e63696331082ec163e25

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c7b0401f0&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
01dbd3448956edb73b694f0e788ad1a6e64ac40c8d0044a3aff8e728dd0af99d

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c79ae01ef&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
251d8d58edf90f6b7f8d3fad9daf9523546bad96c5f229ac0888821be9048bf4

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c745e01eb&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
b92f10cff5622b7e3ae92d74af583ee4ca11f3f24b23ba0b49cf2900fae9566d

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c75e501ec&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
446bd0554dbc2e185c74d0ddc87914baf31f8b3283c2fe0e07eb84d549978435

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c716101e9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
13a80fc7a10649e35a6b706deec59f3f779d27bd68e1cdd2a837c657f9c6a9ca

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c72a101ea&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
7337e2592ab9aa43bb08306db6e328dfef7c55ec624f087769ef1a11058841ee

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6dbf01e6&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
9ec8e7d8d2a24833779d77b0cffead182b79859e3f8f7934902e72a2295fd9ec

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6eee01e7&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
c46ea21bce4fb3b31b94c44e7767bca7118b7f4a104c9eff6d4f048598a1df49

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c702e01e8&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
f7b85ccf8f99670a793b0619b99db8099b55dee98dd8179ef7603a23c8776c94

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6c8b01e5&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
645f2620b1758038feb5e1817c7f0ee78e0005eb80993bc7ee7942caee62ef73

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6b4d01e4&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
9a337baceaa23daadf46c1d98ec355dfb25975af93bae332272e7e07bfe0f0b2

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c67bb01e1&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
0bf58e8749b73e7abe90b96e7be6e4a9e5dbce531a88182daf6d8e92e1083e11

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c6a1801e3&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e39d45892763e65be25793fcbfc3ddc2cfee159b25e54752cb76b2dd75f35088

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c68e801e2&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
78d9aa670440910121b197f4f19277745c817f54a72b83c047914cd2ec05e233

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c630201dd&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e292f2e80de1f07bfa646f93eb3ed42ed41078a7b86be6036a6236f6c22cea7d

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c668c01e0&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
0bc77d749111a0739d7fdbfc9b8a1319e048dbb62c407286d83cd1940306e675

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c642901de&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
672c723f22710b733288b67e238c91f20d42e4089d1e659f94da41476a70ba44

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c655601df&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
39956bccd62278cba07c6540b69fa52060fcc85fbb2217e79ba0c9c7f8a0c216

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c5ddc01d9&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
1942036fcecfc8a7c82bad838aa5797344b0a594cc415ce6e1da4e70aaa6ca4b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c5efb01da&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
04258e31ac0b70d6e9531c5fcbcb8f4bf415f85ddc15a8fcf747cd4382018b72

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c61c301dc&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
7083705c1ab64b15599362f58dea6238fc419a9b507bda7af7f5d1e9d8b5ba8a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c601d01db&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
37053a93670ce129b8eb07ca542d84bc6d7c9da924126b7f91d432a3d5196053

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c406101be&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
d463e45397d0edaaddc623981a718e083d215611d2fb2f27d58cb775baecb7d8

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c415901bf&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
79030020c532d13ce66d479402c01b1e299d209710abfe51a38fa6fe5e99d650

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c3f5701bd&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
717c29e3f65250da92d8ee08e9c74f78cd2129063270a89cbed93325f7b00fe9

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9694c0017474985ad89c7028ca00f4&pos=8a9694c0017474985ad89c7c425401c0&secure=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
de3483b424375c05d5d183957242eb3976616d16d06bded6dd5cb8dea518d526

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
content-length
80
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=136&profileId=154&cb=2173920457
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=hzsusVmqC5eWvQJsY0u4eekI&bidId=_NYwZmOlU&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332478&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=Xt2r1QU8tTAXPb6tzO3pklF3&bidId=_IXSMxiDo&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332478&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=19XOE1tymKWfUgsquwZuAYYg&bidId=_nUhzZtJk&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332478&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=4cyEfY7AQaf54g87vCF4eUYl&bidId=_eh9hfbZ8&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332478&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=MUdPh0jMXqCGFsJdh4ib5FEt&bidId=_draA1Eqc&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332479&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=ui9DdqmWqvNyHhSQx6UNg6EF&bidId=_P1Qg8kJR&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332479&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=nFaTIuTY4RmaA59XBMOBp0su&bidId=_ByyhTHAG&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332479&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=qDeHhy6XpZBB8AMn22kYGbUt&bidId=_S5t55I4O&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332479&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=GeBLm9MgD6ysVhfy4NEPbbXx&bidId=_DLUzE1Ow&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332479&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=HmuNusdS6xt11eISKMpyYkEP&bidId=_8bdRiExY&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332480&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=wt6NCcwEyNTDNIluSYOPHljH&bidId=_XEtd3lJ6&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332480&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/t6oivhQt/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=YpGNmXyJuc3hYt7HmpGuGwgE&bidId=_PR0Tmjp4&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.3.0&cbust=1685216332480&secure=true
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.223.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-223-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:52 GMT
access-control-allow-credentials
true
vary
Origin
d2461684501c15adfb70.js
fem.gprod.postmedia.digital/v82.0/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fem.gprod.postmedia.digital/v82.0/chunks/d2461684501c15adfb70.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.54.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.54.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
95b7e12f18d5928216d1f8e16dd7ec881df6443d042fb60b241c606ec1aac530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 17:35:15 GMT
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1684182693
age
266617
x-guploader-uploadid
ADPycdv_vuaHRMD5DaDZBfpx40sy_XrXCXuP0HoXOUQs1x0DBsCbQNUfY7wVCTGVSPx5TPHpH3bwoBHg-IsGd5Akhg2xJw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1101
last-modified
Mon, 15 May 2023 20:32:21 GMT
server
UploadServer
etag
W/"54934944906f0127145da2f1bd26711b"
vary
Accept-Encoding
x-goog-generation
1684182741326062
x-goog-hash
crc32c=JkU7CA==, md5=VJNJRJBvAScUXaLxvSZxGw==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public,max-age=31622400
x-cache-hit
hit
x-goog-stored-content-length
3197
accept-ranges
none
events
bidder.criteo.com/csm/ 		0
213 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Sat, 27 May 2023 19:38:52 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/json

Response headers

Date
Sat, 27 May 2023 19:38:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
11693afad4875445073795073eab76a4ce537a3c9325ac6a10c581ce54417345

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
googima.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
921
x-cache
HIT
content-length
21963
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:35 GMT
server
AmazonS3
x-timer
S1685216333.718660,VS0,VE0
etag
"b08808f5729ce90fddf682e101a9691b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
239
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
654
x-cache
HIT
content-length
19101
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:36 GMT
server
AmazonS3
x-timer
S1685216333.720338,VS0,VE0
etag
"091cf336ba8e3328147ba88e7a9ff40c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
485
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		317 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
260094
x-cache
HIT
content-length
84863
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:29 GMT
server
AmazonS3
x-timer
S1685216333.719164,VS0,VE0
etag
"3141cfbc04d2f12e7e4047ffd289780c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
18158
zNackYHG
cdn.jwplayer.com/v2/playlists/ 		54 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/zNackYHG
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
efc53377f4d6ddf161449d1492a7e95e5a3047e60a3fde2096f6ef60e5740366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7069
x-amz-cf-id
c6vdzrDbEOfYdLfPvAo4Jd7td3R90JXRKY0jcUkbcc7WDeobsM2dpw==
expires
Sat, 27 May 2023 19:41:52
vf-v2.js
cdn.viafoura.net/ 		783 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abfa0daf16e8cbd76846b828941ef76a713be910fb85cea1cd71cf16addcfa87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
fRjUcZHzrUa4UXI2.lfRsA1OxO2D3YhO
content-encoding
br
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
date
Sat, 27 May 2023 19:35:42 GMT
x-amz-cf-pop
FRA56-P2
age
191
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 May 2023 17:40:03 GMT
server
AmazonS3
etag
W/"c7f59dfe4da5a7fb940e6e62173c715f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
fqmGOj5tNuOqbZdg2gt78Y63F5TW-mTO_-ZsQCRse28l3wlyWZgefg==
gtm.js
www.googletagmanager.com/ 		137 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WC74WBX&l=dataLayer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d52c83567c4198cefee4887a0c9b84eb127c53a35cd6fd8a05df57a76977b11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45557
x-xss-protection
0
last-modified
Sat, 27 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 May 2023 19:38:52 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.34.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-25.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 02:30:20 GMT
content-encoding
gzip
via
1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
CDG3-C2
age
65544
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
RkXO0q25CcssTT4YaXTcOoxI8T83IxirUGFwfaYY9q7XTdxdjeiWtQ==
mparticle.js
jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/ 		243 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
273c30ad38c8aee798a626a454968645cc9e1b86d203ba442e2fa25a06ea5786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-eddf8230076-FRA
date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
137
x-timer
S1685216333.759150,VS0,VE0
x-origin-name
fastlyshield--shield_ssl_cache_iad_kcgs7200117_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
58624
x-cache-hits
11, 2
gtm.js
www.googletagmanager.com/ 		142 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Requested by
Host: fem.gprod.postmedia.digital
URL: https://fem.gprod.postmedia.digital/v82.0/fem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd09bbfdc7001b322b08a431e816e152ebdb9ecd0a079f8081ef57596f957ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46545
x-xss-protection
0
last-modified
Sat, 27 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 May 2023 19:38:52 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		412 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
259986
x-cache
HIT
content-length
125992
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:32 GMT
server
AmazonS3
x-timer
S1685216333.740802,VS0,VE0
etag
"4f4459c52455c57a5490992cac29595d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
14170
EP4j6LNJEeu2Q2J+7u8ONQ.json
entitlements.jwplayer.com/ 		69 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/EP4j6LNJEeu2Q2J+7u8ONQ.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67A5) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
last-modified
Sat, 27 May 2023 16:16:11 GMT
server
ECAcc (frb/67A5)
age
12161
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=18780
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123025
x-xss-protection
0
expires
Sat, 27 May 2023 19:38:52 GMT
2aEOTZp7.srt
assets-jpcust.jwpsrv.com/tracks/
Redirect Chain
  • https://cdn.jwplayer.com/tracks/2aEOTZp7.srt
  • https://assets-jpcust.jwpsrv.com/tracks/2aEOTZp7.srt
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/tracks/2aEOTZp7.srt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c1f05ddf22846e669479432b6f8641d93df9b0cccb255d4e64b1f2203f0aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
381
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2280
x-served-by
cache-iad-kcgs7200024-IAD, cache-fra-eddf8230054-FRA
last-modified
Fri, 26 May 2023 00:07:19 GMT
server
nginx
x-timer
S1685216333.000999,VS0,VE97
etag
"e6ed0327b84e8eca173409ceef6e5c78"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/tracks/2aEOTZp7.srt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
lpBU3lnAkfQhw_Xz18PhFMrz5qkrEtKLwZ4nB5PggZBD_KcZA1uGDg==
polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/polyfills.webvtt.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c3f188460d3e015aaba1ccb040ea3122fbd632da4edab8aed3f57ee098bf87d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
259548
x-cache
HIT
content-length
4510
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:31 GMT
server
AmazonS3
x-timer
S1685216333.821526,VS0,VE0
etag
"f40fecb5b0f59a9cae288c3498d8f653"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
2085
YXE9HtHO-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/YXE9HtHO-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.vtt
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.vtt
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9c697b1f96774bd4a0a6e2dd9b9dd0f7132e131f9fdebe5866f986acee1e8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
381
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
919
x-served-by
cache-iad-kjyo7100146-IAD, cache-fra-eddf8230054-FRA
last-modified
Thu, 25 May 2023 23:59:53 GMT
server
nginx
x-timer
S1685216333.001073,VS0,VE94
etag
"5f77432de9284077d1f81c189b6f1a3b"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 1

Redirect headers

date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
yRvCmiuZ2dS5p61Vf9NqFk4kf0oQTbtTgC4SgqRu6b7RAMKhVfzmYA==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.cast.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1738256e6238da9bd89af13598c4534fbffd2f5f0fbe9f4af072785bdedba4b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
259938
x-cache
HIT
content-length
10036
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:32 GMT
server
AmazonS3
x-timer
S1685216333.859077,VS0,VE0
etag
"e03a21ffb3c63b4a9468a0391bbe8d1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
7892
related.js
ssl.p.jwpcdn.com/player/v/8.27.1/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0292c490af46fed8c95fb0d728a9db44f964cd7f997af76f9bc95daf7b5f7259

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
gzip
via
1.1 varnish
age
260121
x-cache
HIT
content-length
24956
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Mon, 22 May 2023 06:27:33 GMT
server
AmazonS3
x-timer
S1685216333.859075,VS0,VE0
etag
"8852a3bfeb824346f0798be2a04f58d1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
18148
YXE9HtHO.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/YXE9HtHO.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
43e003d6920a11189786b473dc30e90a4482beaf807a7b4c9bc1a7a7989fdc64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
458
x-amz-cf-id
C7gGQ60ch4e3L8rsd9G4aot2m31iFSB-YnHEU1kf4sOOKctKjaq53A==
dS3xXVaJ-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/YXE9HtHO/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-720.jpg
71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee04546b274dd9a6191230f7c8488a6efda85d30e25be13c707cd76c15d5e8c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
398
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
72746
x-served-by
cache-iad-kcgs7200047-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 26 May 2023 21:26:43 GMT
server
nginx
x-timer
S1685216333.015619,VS0,VE2
etag
"d3eeb82b9a77c988c772079bfefe0bae"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
52, 1

Redirect headers

date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
rwaJvdqdQOmhQ954MO1L26bQ6EmUkkoIGEP6StXyMNilSvXo5UNDzQ==
dS3xXVaJ-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/YXE9HtHO/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-640.jpg
58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1fee20b5b4a26754ee14c9faa5e7a8be36cad490da9bda99e3b2aa4e21c0669d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
301
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
59201
x-served-by
cache-iad-kiad7000053-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 26 May 2023 21:26:43 GMT
server
nginx
x-timer
S1685216333.049196,VS0,VE97
etag
"bf37177fada60c9ee9328b3a41e65974"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
25, 1

Redirect headers

date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/dS3xXVaJ-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
IW1ZqXbLJJ6CB9VXRuk7y2jICikkjT4GJNINczm9QFgK1gfLwFK7Yg==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=707927021&e=e&n=0043691396786578&abc=0&aid=EP4j6LNJEeu2Q2J%2B7u8ONQ&amp=0&ask=WMJYerua&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=16mjf691ua2t&i=0&id=YXE9HtHO&lid=1uzljp3knn07&lsa=set&mt=0&pbd=1&pbr=1&pgi=5p1rgb1p4w43&ph=1&pid=IrYAVodh&pii=0&pl=282&plc=20&pli=178vrqb1fin0&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&pu=https%3A%2F%2Fo.canada.com%2F&pv=8.27.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Snorkelling%20season%20is%20taking%20off%20in%20B.C.%20%E2%80%94%20here%20are%20a%20few%20things%20to%20know&tv=3.42.2&vb=1&vi=1&vl=90&wd=501&ab=1&cae=0&cb=1&cdid=leadVideoIFrameHeadline&cme=0&dd=1&fed=zNackYHG&flc=1&fv=&ga=0&lng=en-CA&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FYXE9HtHO.m3u8&pbc=0&pd=2&pdr=&plng=en-CA&plt=1400&pni=1&po=0&pogt=%20Canada.Com&rf=%2F%2Fcdn.jwplayer.com%2Fv2%2Fplaylists%2FuzU5KAZg%3Frelated_media_id%3DMEDIAID&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=160&sa=1685216332861
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230085-FRA
date
Sat, 27 May 2023 19:38:52 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3535
date
Sat, 27 May 2023 19:38:52 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1251
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230086-FRA
x-timer
S1685216333.947748,VS0,VE0
gtm.js
www.googletagmanager.com/ 		122 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR7GVNJ&l=dl_mparticle
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
600a41d0feb7b60915965078c7363e71904f36fcdfad34de9fea679247f70d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43803
x-xss-protection
0
last-modified
Sat, 27 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 May 2023 19:38:52 GMT
gtm.js
www.googletagmanager.com/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW2G74V&l=mp_data_layer
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3c7b193cdaffa59eb7b4f3a8f69eb587b2ff530480e835a9abcd27df6840259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42657
x-xss-protection
0
last-modified
Sat, 27 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 May 2023 19:38:52 GMT
identify
identity.mparticle.com/v1/ 		176 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
58483a3759160f0c544b130aa85b103c122bb0fb007f4a4aa31324be7033886d
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230086-FRA
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1685216333.959117,VS0,VE109
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:aac8:30d6:df6f:8ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://o.canada.com
access-control-max-age
1728000
cache-control
max-age=0
date
Sat, 27 May 2023 19:38:53 GMT
expires
Sat, 27 May 2023 19:38:53 GMT
server
nginx/1.18.0 (Ubuntu)
v2
api.viafoura.co/v2/o.canada.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:aac8:30d6:df6f:8ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d38f2befc0d03d926c8ab3845b2e8f189ae81c04668f9726d8ce1ed24f0cd0a2

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-09f68c349af6fd6b9
pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 27 May 2023 19:38:53 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=o.canada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=o.canada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
bridge3.575.0_en_ca.html
imasdk.googleapis.com/js/core/ Frame 173A 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.575.0_en_ca.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f915edde18976a3f08d4919736b558fbe11550c04a3743ecbe5b038d89cdc25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
477207
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231089
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:05:26 GMT
expires
Tue, 21 May 2024 07:05:26 GMT
last-modified
Mon, 22 May 2023 04:15:41 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 May 2023 19:38:53 GMT
headerstats
as-sec.casalemedia.com/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=307796&u=https%3A%2F%2Fo.canada.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184635-232448041313322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJz%2BApEkMZzMV7lnnnBcz1%2BSH%2Ba0eEzJAKbrWdmhKzV8PStZXcC0z6AZkjqjXhlBVE14xLm8CWVQq01lKARSY%2BBaCtJRR4xyWEEt9LjmSig0dFDIOPDWVY1XbdLCCA4H8PGmSQj2pq0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://o.canada.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ce0b881bf0f918e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
gtm.js
www.googletagmanager.com/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHPWKCD&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5c292344ea8a0d5df3459998cbe86b372e756f4ef06acbd13e5f8f871a80324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40919
x-xss-protection
0
last-modified
Sat, 27 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 May 2023 19:38:53 GMT
gtm.js
www.googletagmanager.com/ 		284 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQ8ZV4&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4d6c7a756b851eaed92316ff9f47aa56422120c4c0524afbc87efaffd65fce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86562
x-xss-protection
0
last-modified
Sat, 27 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 May 2023 19:38:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2986832354050858&correlator=1248184861050193&eid=31074921&output=ldjh&gdfp_req=1&vrg=202305230101&ptt=17&impl=fifs&iu_parts=3081%2Cccn.com%2Cindex&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C6x6%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C7x7%7C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250%2C5x5%2C1200x250%7C1200x90%7C970x90%7C970x250%7C728x90%7C300x250&ifi=1&adks=4217552496%2C1341624894%2C931136440%2C3283421726%2C931136447%2C4217552501%2C931136446%2C4217552500%2C931136445%2C4217552503%2C931136444%2C4217552502%2C931136435%2C4217552505%2C931136434%2C4217552504%2C931136433%2C2421343164%2C931136432%2C2421343165%2C3395320742%2C2421343166&sfv=1-0-40&prev_scp=loc%3D1%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d0b-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%7Cloc%3D2%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d0c-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D1%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d0d-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D3%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d0e-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D2%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d0f-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D4%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d10-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D3%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d11-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D5%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d12-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D4%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d13-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D6%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d14-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D5%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d15-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D7%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d16-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D6%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d18-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D8%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d19-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D7%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d1b-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D9%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d1e-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D8%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d21-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D10%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d23-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D9%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d26-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D11%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d28-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%7Cloc%3D10%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d29-fcc6-11ed-a226-02caf40e7d43%7Cloc%3D12%26refresh%3Dtrue%26rc%3D0%26amznbid%3D2%26amznp%3D2%26id%3D1bd71d2a-fcc6-11ed-a226-02caf40e7d43%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70&eri=1&cust_params=permutive%3D96400%252Crts%26puid%3D6ab5bdae-36a2-4e08-bc44-584fe5f5038c%26ptime%3D1685216331762%26prmtvvid%3D2000b184-632c-4ef0-9a54-62e285fa83de%26prmtvwid%3D23dc09d6-b664-425a-a76e-0eed6a6cc102%26no_pol%3Dtrue%26page%3Dindex%26pr%3Dccn%26sensitive%3Dn%26negative%3Dn%26ck%3Dindex%26imp%3Dindex%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3006647_PG%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1685216333076&lmt=1685216333&dlt=1685216330996&idt=757&adxs=200%2C797%2C765%2C797%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200%2C765%2C200&adys=234%2C1331%2C1872%2C2613%2C3169%2C3909%2C4487%2C4250%2C4806%2C4591%2C5193%2C4932%2C5502%2C5273%2C5815%2C5614%2C6192%2C5955%2C6515%2C6296%2C6838%2C6637&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fo.canada.com%2F&frm=20&vis=1&psz=1600x250%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250%7C628x5%7C1600x250&msz=1600x-1%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1%7C628x5%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600%2C628%2C1600&ga_vid=341653313.1685216333&ga_sid=1685216333&ga_hid=1199777842&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e3d757a49a301fd2c3a50511599f01f9c3c9afbd0088124b4555912c8220ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17232
x-xss-protection
0
google-lineitem-id
6271300695,6271300695,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430359159,138431019205,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5d21084962a4f52ed4c5d475b2786c0af285e3abd94df93c002a181fd5a10e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11163
x-xss-protection
0
container.html
76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 63BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 19:38:53 GMT
expires
Sun, 26 May 2024 19:38:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 May 2023 19:38:53 GMT
manifest-audio_eng=112006-video_eng=201026.m3u8
videos-cloudfront-usp.jwpsrv.com/6473050d_1ef9a4a403f7327a2043df92ab33c1c887629674/site/ReDAXyY4/media/YXE9HtHO/version/YXE9HtHO/manifest.ism/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6473050d_1ef9a4a403f7327a2043df92ab33c1c887629674/site/ReDAXyY4/media/YXE9HtHO/version/YXE9HtHO/manifest.ism/manifest-audio_eng=112006-video_eng=201026.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1000:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
aaf7d1ee51de0c70605d034f24285aac5f21495dfcf9de67fd3dabf618894c4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 21:05:39 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
81194
x-cache
Hit from cloudfront
content-length
4560
server
Apache
etag
"usp-9E852975"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
KcQyGaN1btjuEUloEP0syZCUV6x6OmV3x1yix3bBxiMDLBm0hedsDA==
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1685216333.252975,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1685216333.254240,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
YXE9HtHO-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/YXE9HtHO-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.jpg
229 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54872d86ea7534e1b60306616e8d4f04377d1e6965b8c0779befe1bf69cc2a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
513
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
231359
x-served-by
cache-iad-kiad7000082-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 25 May 2023 23:59:53 GMT
server
nginx
x-timer
S1685216333.367424,VS0,VE2
etag
"02767a37bea270905d59d5762dec489f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1458, 1

Redirect headers

date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/YXE9HtHO-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
pmxMCnSorp18SKHUlFd1rBfTe8fHWj0wBlaasgKUJ4ASnovkloGyPg==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 May 2023 19:38:53 GMT
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
identify
identity.mparticle.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
3535
date
Sat, 27 May 2023 19:38:53 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1252
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230086-FRA
x-timer
S1685216333.314024,VS0,VE0
identify
identity.mparticle.com/v1/ 		176 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
81a0cfc582655b9a541a554a526d4d516a56b74455377f2c3464c0183fd27a68
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
us1-99b65fde89a1a145894d2d51d283cc83
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230086-FRA
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=900
server
Kestrel
x-timer
S1685216333.321476,VS0,VE113
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1685216333.319490,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
Forwarding
jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v1/JS/us1-99b65fde89a1a145894d2d51d283cc83/Forwarding
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 varnish
server
Kestrel
x-timer
S1685216333.320516,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
x-cache-hits
0
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e6f52df7fa0683f518bd3e179288f2787ee9ee0d7ae3813d7068fea20bb8d61a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
manifest-audio_eng=112006-video_eng=201026-1.ts
videos-cloudfront-usp.jwpsrv.com/6473050d_1ef9a4a403f7327a2043df92ab33c1c887629674/site/ReDAXyY4/media/YXE9HtHO/version/YXE9HtHO/manifest.ism/ 		133 KB
133 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6473050d_1ef9a4a403f7327a2043df92ab33c1c887629674/site/ReDAXyY4/media/YXE9HtHO/version/YXE9HtHO/manifest.ism/manifest-audio_eng=112006-video_eng=201026-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1000:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ba3bbbcc95c4680dc416c3ed6758db9a5ed03a54b0f59f51cadac5c700a8b76a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 21:05:40 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
FRA56-P7
age
81193
x-cache
Hit from cloudfront
content-length
135736
server
Apache
etag
"usp-A0FAD75E"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112006-video_eng=201026-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
r1UvhabgNpv1ARWtKY_M9WFTSGHKXq1g4Kx8Hm0_KM0JjmEoQtnl7g==
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Sat, 27 May 2023 19:38:53 GMT
cast_sender.js
www.gstatic.com/eureka/clank/113/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/113/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 04:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15228
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 15:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 28 May 2023 04:10:03 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 May 2023 19:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2039
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sat, 27 May 2023 21:04:54 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		107 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0f13185c180310952e92856efa52942c7d4249ab73caf990c740a2cde715bf

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time
1ms
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sat, 27 May 2023 12:03:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
4
accept-ranges
bytes
cf-ray
7ce0b883cbb31cbf-FRA
alt-svc
h3=":443"; ma=86400
content-length
30407
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5100cd90a95aa459fe237adc409043e20f8fd06caa5cd3b74d66f79387ae0fb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 May 2023 19:38:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27498
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6dOBl1mwr0K2W77UXpmvR3H/7/NUX/wqTY4CLD+I2ULwk/V3COKoyaGzr7N1BEimi/UfO6c5fE0lyfUV/uJQ4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.min.js
get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.44.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-44-94.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925abf3e95dd81547dc17dcbd96ac29eed1a93ef9caa21e101d03c02d73c57fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
GQ1y0deumN2bH2y74HaTf32E0eUQsGHu
content-encoding
gzip
via
1.1 ca8dbf5658b41cf179a2ae3717fdfcca.cloudfront.net (CloudFront)
date
Sat, 27 May 2023 10:33:40 GMT
last-modified
Wed, 19 Apr 2023 17:27:19 GMT
server
AmazonS3
x-amz-cf-pop
LHR61-P2
age
59455
x-amz-server-side-encryption
AES256
etag
W/"f48fa7169fc3fa15f1fb3e7c3197e0be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
os-pQljQUPb5_gOE7DsytMmhX32apMqDVY5fBipW26bk6Fzz6-POUA==
js
www.googletagmanager.com/gtag/ 		242 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa5909480c1527b91e927bff12f9d2aea0fec42aa35e625047e913d38868a628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85150
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 May 2023 19:38:53 GMT
p.js
cdn.parsely.com/keys/o.canada.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/o.canada.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3Q4QHW&l=gtm_data_layer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Sat, 27 May 2023 06:27:19 GMT
content-encoding
gzip
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 21:12:47 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
47494
etag
W/"639a3c4f-12687"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
VyU7Jn3_qsNgj1uC9QEx53hrE6VdUeapNyEio2Ho4Hb4LUNyN8vYvA==
expires
Sun, 28 May 2023 06:27:19 GMT
b
sb.scorecardresearch.com/ 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10276888&ns__t=1685216333363&ns_c=UTF-8&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c7=https%3A%2F%2Fo.canada.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.34.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-25.cdg3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG3-C2
x-amz-cf-id
6PbDk-LK7Bu0R50yfKpRqY4djbbvg-L09L3yJNGuDWoPz5r-BVmglA==
x-cache
Miss from cloudfront
audiences
api.permutive.com/audience-matching/v1/id/6ab5bdae-36a2-4e08-bc44-584fe5f5038c/ 		12 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/6ab5bdae-36a2-4e08-bc44-584fe5f5038c/audiences?k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/10276888/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.34.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-25.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:09:28 GMT
via
1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
CDG3-C2
age
1766
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
aM4exKSwfyYRouT5B_KkRKLuB1dH8jI8Qs8O7nNimzP5ZVjHbxGHMQ==

Redirect headers

date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG3-C2
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
S69y-rXvqeNjIBa3aCLrcYophgDZQ_act_qOWmviLcCx5r546YGguw==
b2b03532-99f0-4eec-8d1d-4d845fc4dbd4
https://o.canada.com/ 		365 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://o.canada.com/b2b03532-99f0-4eec-8d1d-4d845fc4dbd4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3778b11054daa02477c738ed3bf2ba3b0ef7c5d57eae266b9f4199fe3c65917e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
373268
Content-Type
text/javascript
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FE8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 17:51:26 GMT
expires
Sun, 26 May 2024 17:51:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F9B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a4c477a0628138920b82b12ed428315d4d1b3d56be1e2a2d381fa5d03ccad935
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--6zYi2UgeRS5DqXi4Tt9Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--6zYi2UgeRS5DqXi4Tt9Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 19:38:53 GMT
expires
Sat, 27 May 2023 19:38:53 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
events
jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/ 		42 B
158 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jssdks.mparticle.com/v3/JS/us1-99b65fde89a1a145894d2d51d283cc83/events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-99b65fde89a1a145894d2d51d283cc83/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
be2bdae49a57c4bd1f98c1df2dc875db344eaa3e637511ddbd6e54ca4f529aca

Request headers

Accept
text/plain;charset=UTF-8
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-served-by
cache-fra-eddf8230021-FRA
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish
server
Kestrel
x-timer
S1685216333.466487,VS0,VE3
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je35o0&_p=1199777842&_gaz=1&cid=341653313.1685216333&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&sid=1685216333&sct=1&seg=0&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.gtm_version=49&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=1A71FB3D-EECA-4A2E-A39D-6791CA52B70B&ep.platform=Cheetah&ep.platform_version=13.6.3&ep.fem_version=v82.0&ep.mp_id=-7711734014240308582&ep.brand=canada.com&ep.timestamp=2023-05-27T19%3A38%3A53.467%2B00%3A00&ep.ga_client_id=341653313.1685216333&ep.main_category=index&ep.metered_content=false&up.mp_id=-7711734014240308582&up.client_id=341653313.1685216333
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CBS6P3K53Q&cid=341653313.1685216333&gtm=45je35o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CBS6P3K53Q&cid=341653313.1685216333&gtm=45je35o0&aip=1&z=980255726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685973801652415
connect.facebook.net/signals/config/ 		380 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1685973801652415?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64ab3fc8b4f1cefe9cea9b5f07382d217fc3949efa101152b20270ed6c1567aa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 May 2023 19:38:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KMcGRlts5jQ9Rgucl5exf9/Lwwr4PnxWEVBOrfp540fxtYEPkG3KRmSFzJ8Va3TeRN6WOwYgvl5M1QNuuZEAYg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1685216333556&plid=97f98209-696d-432f-bd26-f161a9810247&idsite=o.canada.com&url=https%3A%2F%2Fo.canada.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22login_status%22%3A%22anonymous%22%7D&sid=1&surl=https%3A%2F%2Fo.canada.com%2F&sref=&sts=1685216333550&slts=0&title=Canada.Com+%7C+Homepage+%7C+Canada.Com&date=Sat+May+27+2023+19%3A38%3A53+GMT%2B0000+(GMT)&action=pageview&pvid=c321cd21-8eb9-4dc9-86eb-3f35b8518aff&u=pid%3D31f16b0d-7241-4c5f-8d06-4d45661eaad4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sat, 27 May 2023 19:38:53 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 27-May-2023 19:38:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1199777842&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1726110289&gjid=2060644170&cid=341653313.1685216333&tid=UA-213173459-10&_gid=446147290.1685216334&_r=1&_slc=1&gtm=45He35o0n81P3Q4QHW&cd2=2023-05-27T19%3A38%3A53.356%2B00%3A00&cd7=anonymous&cd17=0&cd23=canada.com&cd24=Cheetah&cd25=13.6.3&cd26=v82.0&cd27=0&cd28=GTM-P3Q4QHW&cd29=49&cd31=index&cd52=index&cd65=false&cd1=341653313.1685216333&z=2106152143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1199777842&t=pageview&_s=1&dl=https%3A%2F%2Fo.canada.com%2F&ul=en-us&de=UTF-8&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAEK~&jid=1137979863&gjid=1166241034&cid=341653313.1685216333&tid=UA-138335866-21&_gid=446147290.1685216334&_r=1&_slc=1&gtm=45He35o0n81P3Q4QHW&z=781086598
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
thirdpartycookie
api.viafoura.co/v2/o.canada.com/ 		45 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/o.canada.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4848:aac8:30d6:df6f:8ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-instance-id
i-0e9c0157710bd8fa0
pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://o.canada.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 27 May 2023 19:38:53 GMT
/
onetag-geo.s-onetag.com/ 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-125.vie50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront), 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7, VIE50-C2
x-amzn-requestid
19cc8977-2bb3-4bf5-b7ce-7924348a9e4d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
FmNcOHz2iYcFpaA=
content-length
555
x-amz-cf-id
25zJxXeYYhi3JBi9pMQtfoVr0o7uRd3yhoPMYlBc20ox7tTZuAksmg==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/ccdb1690-bb26-4e37-ba38-a2a9c1c1f610/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-5.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
via
1.1 1dc2ff77d1e8b23aad1d3301c4982860.cloudfront.net (CloudFront)
date
Sat, 27 May 2023 02:30:15 GMT
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C2
age
61719
x-amz-server-side-encryption
AES256
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
x6AkXc5lQsOV83deD1Sz4Vk0WhWL9h33LryVgrLYYbjZ5kAe-j9L0w==
d3ff66f7bb6e44c8dbc1.js
sdk.mrf.io/statics/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/d3ff66f7bb6e44c8dbc1.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c00636c437e298ee9bc09d27839e1c48c4e250116f6608ee0e491b52a6c46f

Request headers

Referer
https://o.canada.com/
Origin
https://o.canada.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 28 Apr 2023 08:30:21 GMT
server
cloudflare
etag
W/"6a4850f13997d9131ef927ef92f59caf"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
7ce0b8850d241cbf-FRA
x-amz-cf-id
vwBz908iQFtmxiaz4CqeYcTOqjexd6-RKb166u_CfKlhpKPPjdBiyw==
ingest.php
events.newsroom.bi/ 		50 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305230101&jk=2986832354050858&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
pagead2.googlesyndication.com/bg/ Frame 6FE8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 14:34:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
363866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14660
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 14:34:27 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-213173459-10&cid=341653313.1685216333&jid=1726110289&gjid=2060644170&_gid=446147290.1685216334&_u=YCDACAAABAAAACAEK~&z=721502062
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
manifest-audio_eng=112006-video_eng=455222.m3u8
videos-cloudfront-usp.jwpsrv.com/6473050c_996565c59c4a9f50384d6e87884051300d862a4c/site/ReDAXyY4/media/YXE9HtHO/version/YXE9HtHO/manifest.ism/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/6473050c_996565c59c4a9f50384d6e87884051300d862a4c/site/ReDAXyY4/media/YXE9HtHO/version/YXE9HtHO/manifest.ism/manifest-audio_eng=112006-video_eng=455222.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1000:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
abab5bfc78c2bcd792a51406b30268a8da05d5eb30abbf894e43f27eb5c63fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 21:05:38 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
81194
x-cache
Hit from cloudfront
content-length
4560
server
Apache
etag
"usp-3BC3ABF7"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
doWb1kGthjtns2pjzeyCrcJAhaO_9NwoJwHiLWX4pOb0_TyLvFrQMQ==
1OTw6MM0-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/i1NwCb4d/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-120.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3872180c40fcd17f91d35ecdb02ec96d21cb7b369995d1f2f5a584734e8ab34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
743
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6817
x-served-by
cache-iad-kiad7000116-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 19 May 2023 23:42:06 GMT
server
nginx
x-timer
S1685216334.839312,VS0,VE1
etag
"8a7b3139107225328b828cf957f4bde2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
40, 1

Redirect headers

date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/1OTw6MM0-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
YFHzm3RTOksSZ53Gi7Dr2KhQm7oOmc-uuRKH1oQUnnsfWF1eTXmvdA==
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-213173459-10&cid=341653313.1685216333&jid=1726110289&_u=YCDACAAABAAAACAEK~&z=57922725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-213173459-10&cid=341653313.1685216333&jid=1726110289&_u=YCDACAAABAAAACAEK~&z=57922725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
959 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-125.vie50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront), 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7, VIE50-C2
x-amzn-requestid
19cc8977-2bb3-4bf5-b7ce-7924348a9e4d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
FmNcOHz2iYcFpaA=
content-length
555
x-amz-cf-id
rF76x4v0CaX3e2m1aSjWI2WuNYW2PQPMWcNl39h9p4y7Xfr9Xb0tcg==
intl-messageformat.012944d869ae09761881.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.012944d869ae09761881.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b2829db716407b214db6479e8b412416a67ed2685b37c7c40818331a71ce02a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:40:16 GMT
x-amz-version-id
u0B1NxNVeu5pH1g8VP2.y_ZQJn33EcVe
content-encoding
br
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
179918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 May 2023 17:39:48 GMT
server
AmazonS3
etag
W/"48c545f03ae1b2f840131fc0fac8bec3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
6S9DbDonfRSKGCIsqpI4-4zqok5NJe8YxK3V78CKGz9LibFEzfrBQw==
intl-messageformat.6b99ae7698d0e17252e5.js
cdn.viafoura.net/chunks/languages/ 		135 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.6b99ae7698d0e17252e5.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e180a7fc8baf630385810782e5339a676583712e7199769782151ad710a8fa0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:40:17 GMT
x-amz-version-id
MC1UlRI_wFBo0t4sry1Sea5OitOf7kVj
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
179917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Thu, 25 May 2023 17:39:36 GMT
server
AmazonS3
etag
"df65d386b8d438df0c009bcd50a521ad"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1Q6ROWo_IMdV7PM0RCOlK1UTnfxLWqktFK9cQ2alijS_duaNlq5HrQ==
en-us-base-json.c1aad737e44a95d6d876.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.c1aad737e44a95d6d876.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6795a80f8eb3137451e22f501b1f04ab51840301cad664c3bbf77413ca532059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:40:16 GMT
x-amz-version-id
dbuhhRhnKKRh1emT0J565UALBS6eBM5R
content-encoding
br
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
179918
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 May 2023 17:39:44 GMT
server
AmazonS3
etag
W/"d70745103e37a56f282812256b876679"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
emEe3dtuRMARD6iiqlbLWYODMDe7NsqiTTih6t7SFnrU_BJUnCNBxg==
LoginRadiusV2.js
auth.lrcontent.com/v2/ 		199 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.lrcontent.com/v2/LoginRadiusV2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
Security Headers
Name Value
Strict-Transport-Security max-age= 63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
strict-transport-security
max-age= 63072000; includeSubdomains; preload
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
age
2241
x-amz-cf-pop
FRA2-C2
cf-polished
origSize=1238069
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 13 Dec 2021 05:19:58 GMT
server
cloudflare
etag
W/"ae3463c4a59ae100b160ed4dd5dbf4b8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7ce0b885cbb13a4a-FRA
x-amz-cf-id
hYl0cuTCrX30bakzzud438lqZRiXG6ySOvn3JwRX7lJf8b5oj1eTZA==
ingest
i.viafoura.co/v3/o.canada.com/ 		67 B
390 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/o.canada.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.181.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-181-241.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://o.canada.com
date
Sat, 27 May 2023 19:38:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
29966
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230045-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
jload
pixel.adsafeprotected.com/ Frame 0093 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138430359159&pubOrder=3184962652&cb=1183457747&custom=index&custom2=1&adsafe_par&impId=1bd71d0b-fcc6-11ed-a226-02caf40e7d43
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.254.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3473f8808ede60284c67d6ae41bb8040924a02603b41a98079413137d13bc843

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EE2A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuU2kIYgvyoLmGzRMfq4Ml-3qFzo7TIAcMGwCyuNhLrPQ3TIfx_ELXMUvmeUuMjvF7tppohfDaY4OrBLgUWeQVBb48aI4Ol9DJ2t4dHgE6A7yEChAICz2l30n4S0Tp5xMyr-KnMZBV-pdNutxD5ChY3jxQj7-T1Y6tDfrinxEKXMwD-h8yECkHsHikJ0fSDhnwt73sAJmul974aqlbE9QV2JcRKi_8DjC_mHzzoxzSDfHKMSyoulNmL1G5scdrbkr9g9HI2L94cDdnGELNDVnOuv6SPR9VT6561YPfKbDUYi3sRVMJaakvmF8&sai=AMfl-YRxE35TtI2wdYh6Pc6Yjos3bE6TtVIcqnzjuIlwiUu6Q9YFbmrt29psSPFxi61MIue16vYYASxhqbkuUcgkXXFYsQqTlLUnRH43RrVjEny_OMeG86l91f08ZZz0aJ8&sig=Cg0ArKJSzKEuRULa4lO0EAE&uach_m=[UACH]&adurl=
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame EE2A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 12:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Jun 2023 12:22:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE2A 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 May 2023 19:38:54 GMT
13993211790864349056
tpc.googlesyndication.com/simgad/ Frame EE2A 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13993211790864349056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
778e27efca8382dd97cb9391bc27a1fd184794530ad3839367a204783be9c119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 16:46:41 GMT
x-content-type-options
nosniff
age
10332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81691
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:14:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 26 May 2024 16:46:41 GMT
l
www.google.com/ads/measurement/ Frame EE2A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_arMa3eIJ6YPImOBIvv0INduBDRkMhIqxuJSypE38yCgpAYfiRO3dejZgz5l8b067zbVC
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
jload
pixel.adsafeprotected.com/ Frame A9A2 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=528341539&custom=index&custom2=2&adsafe_par&impId=1bd71d0c-fcc6-11ed-a226-02caf40e7d43
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.254.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
065c16336806bd51ba922b68aa4bea16614212738e3c67e8a5ce4b300236cb32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F46 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRQ_jl6tfpBTNYOTzIjBKhTFz5u_7qQ9_DzZS6xeqa7JBjsYVnhqvMZV_2k7B8gQcbkwuaknLPU7I2KAt6CorYvgnu9zOFIN83P1THWPx-m_IPHZBeVZXbSq_2Za280oWlLSbNty8ZnxG1hVJDc3h_LufHcLhr-copOBGJ1RP1cGlG2G4dTpTtT3VFeiPsNr8utlEaHq2McInu1TMOW4T-E0b4f2IjoHFoo6Rh7vNUPAwSDUZKTsVxMAbMHDW2DKb_ju7CeeTTaeibKe1JK-zuYZav1AG_lr4eS_0gebR9uxBRDR_1GXZdQsM&sai=AMfl-YTWEivAhmeoM1hfVT3s-AljSLFRxHhSG5bh-Lbt7rV6nsABNws3OZW30lNVwgoP9NtrJL5p0kkiXRJ3OO6K4BIaP0awrmgv9dgY95xTqtXtZ-p1U37lTl9UrQjV5KI&sig=Cg0ArKJSzKec_XObjkwEEAE&uach_m=[UACH]&adurl=
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 8F46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 12:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Jun 2023 12:22:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F46 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54244
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684927996807358"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 May 2023 19:38:54 GMT
12120540700722256733
tpc.googlesyndication.com/simgad/ Frame 8F46 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12120540700722256733
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9d7ed6d561f96ca06fb3912adcc155a0fa0db34d0eee351908dc9493c79e1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 23:10:53 GMT
x-content-type-options
nosniff
age
332880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153639
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 19:14:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 22 May 2024 23:10:53 GMT
l
www.google.com/ads/measurement/ Frame 8F46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpspZwMquWH_0DR3relikRRdaKk6K0hRQ8JqTMGSctD-XeZukpw8S2blhyoTTiQ8ZX1770
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1685973801652415&ev=PageView&dl=https%3A%2F%2Fo.canada.com%2F&rl=&if=false&ts=1685216333908&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22514537319740368%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22503487844400487%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221042784969583558%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22858678751523779%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221127243281129742%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22497819211464386%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1685216333906.792088251&cs_est=true&it=1685216333500&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 May 2023 19:38:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame EE2A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
478d580aaf3b0bf1a049606bfbdc9662df4d8013edbd4999706ede70114377a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8F46 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eac6569a641342477ec1da0107ec592877fa65421f420a4d2081bfcff508e8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je35o0&_p=1199777842&cid=341653313.1685216333&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAI&_s=2&dl=https%3A%2F%2Fo.canada.com%2F&sid=1685216333&sct=1&seg=0&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=49&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=1A71FB3D-EECA-4A2E-A39D-6791CA52B70B&ep.platform=Cheetah&ep.platform_version=13.6.3&ep.fem_version=v82.0&ep.mp_id=-7711734014240308582&ep.brand=canada.com&ep.timestamp=2023-05-27T19%3A38%3A53.467%2B00%3A00&ep.ga_client_id=341653313.1685216333&ep.query_id=CPfEoYeglv8CFXVc5Qod-I8Ekg&_et=434
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-CBS6P3K53Q&gtm=45je35o0&_p=1199777842&cid=341653313.1685216333&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAI&_s=3&dl=https%3A%2F%2Fo.canada.com%2F&sid=1685216333&sct=1&seg=0&dt=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&en=ad_impression&_c=1&ep.debug_mode=false&ep.gtm_version=49&ep.gtm_container_id=GTM-P3Q4QHW&ep.ad_blocker_enabled=false&ep.user_status=anonymous&ep.page_type=index&ep.session_uuid=1A71FB3D-EECA-4A2E-A39D-6791CA52B70B&ep.platform=Cheetah&ep.platform_version=13.6.3&ep.fem_version=v82.0&ep.mp_id=-7711734014240308582&ep.brand=canada.com&ep.timestamp=2023-05-27T19%3A38%3A53.467%2B00%3A00&ep.ga_client_id=341653313.1685216333&ep.query_id=CPjEoYeglv8CFXVc5Qod-I8Ekg&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBS6P3K53Q&l=gtm_data_layer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://o.canada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6FE8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iMxE3A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
svod-module-js.ad52c2d3e4a6fa5b8d8e.js
cdn.viafoura.net/chunks/vuex_store/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/svod-module-js.ad52c2d3e4a6fa5b8d8e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:3c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8015c93623255cebc9f72566b6942606072e3d1941f030e8ab112294a492e164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 17:40:18 GMT
x-amz-version-id
.qA6dZVFNSw2LUzJS_Ms0GGTJK5Cdef6
content-encoding
br
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
age
179916
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 May 2023 17:39:47 GMT
server
AmazonS3
etag
W/"6110d2e5e77865ee24eaee07bcdc4e67"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
j4tWYVD0vESPAS54ykC-LB_z4wDahsqqZohgtADHj9yg91BMkHImXw==
rfv.php
compassdata.mrf.io/ 		27 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://compassdata.mrf.io/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.32.62 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy03.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary6AbSkYQXa5XNBHD6

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
appInfo
config.lrcontent.com/ciam/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://o.canada.com
allow
GET, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7ce0b887992c5c85-FRA
date
Sat, 27 May 2023 19:38:54 GMT
server
cloudflare
vary
Origin
appInfo
config.lrcontent.com/ciam/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.lrcontent.com/ciam/appInfo?apikey=1a9a7ccf-c3f1-4ec9-a65f-2c3e8d9510a5
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ed1ca448e15ea5cb7266513b2a97aec09561a351074ad809a1759406aa010d9

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://o.canada.com
cache-control
max-age=86400
cf-ray
7ce0b887e97d5c85-FRA
main.19.8.415.js
static.adsafeprotected.com/ Frame 0093 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.415.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138430359159&pubOrder=3184962652&cb=1183457747&custom=index&custom2=1&adsafe_par&impId=1bd71d0b-fcc6-11ed-a226-02caf40e7d43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bde5c0448058d448cbd3fe0daa8a9e2e3a5b7c7884735a70b262cf5dc033ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 18:54:20 GMT
x-amz-version-id
xePVMjdKO0vyGSuD7L.afZf9hoT.DBWP
content-encoding
gzip
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
175475
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 22 May 2023 15:51:21 GMT
server
AmazonS3
etag
W/"a0cc8f7fc4ab35964a9b625ed7fc93e5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
sagUfSn_rzj9syDPkii09iiyc3NAvuq6iJOikpzNkAJ1kBAJAHklEg==
main.19.8.415.js
static.adsafeprotected.com/ Frame A9A2 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.415.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=528341539&custom=index&custom2=2&adsafe_par&impId=1bd71d0c-fcc6-11ed-a226-02caf40e7d43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62bde5c0448058d448cbd3fe0daa8a9e2e3a5b7c7884735a70b262cf5dc033ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 18:54:20 GMT
x-amz-version-id
xePVMjdKO0vyGSuD7L.afZf9hoT.DBWP
content-encoding
gzip
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
175475
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 22 May 2023 15:51:21 GMT
server
AmazonS3
etag
W/"a0cc8f7fc4ab35964a9b625ed7fc93e5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
aEmxOGpxq7Kxl52C6Mg1k003I5YRzreCZwYLDVO0wTTTeDGesEA--A==
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/d3ff66f7bb6e44c8dbc1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
sca.17.6.2.js
static.adsafeprotected.com/ Frame 92B9 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
21441758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
csyDwTz2zHXHfCGYpIcxX6oAcV7IfbRYbnsro4CAZHVwTP5drYQSyg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=300x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138430359159&pubOrder=3184962652&cb=1183457747&custom=index&custom2=1&adsafe_par&impId=1bd71d0b-fcc6-11ed-a226-02caf40e7d43&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:705a91b3-c72c-1125-bc58-59cfe703ec57,c:dQtwR9,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-76dcc6f68d-cztgd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:79,mot:0,app:0,maw:0,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a1,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:94,oid:1d0f27fa-fcc6-11ed-8056-26f25d78ba82,v:19.8.415,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.254.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtwRv,pingTime:0,time:116,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:94%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:116,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:95%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
login
postmedia.hub.loginradius.com/ssologin/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS POST, GET, PUT, OPTIONS, DELETE
Access-Control-Allow-Origin
https://o.canada.com
Connection
keep-alive
Date
Sat, 27 May 2023 19:38:54 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-LoginRadius-Server
Primary - IDX - AWS
X-Server
ms_idx_primary
login
postmedia.hub.loginradius.com/ssologin/ 		38 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://postmedia.hub.loginradius.com/ssologin/login
Requested by
Host: auth.lrcontent.com
URL: https://auth.lrcontent.com/v2/LoginRadiusV2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.185.12.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-12-185.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://o.canada.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sat, 27 May 2023 19:38:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, POST, GET, PUT, OPTIONS, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://o.canada.com
X-LoginRadius-Server
Primary - IDX - AWS
Access-Control-Allow-Credentials
true
X-Server
ms_idx_primary
Connection
keep-alive
Content-Length
38
sca.17.6.2.js
static.adsafeprotected.com/ Frame 5E48 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: o.canada.com
URL: https://o.canada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
21441758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8SaioQSbEpisjpxL7uHj7qkEN6iebmxEBb9K4KtNyKPGCv58CuGazw==
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928934&campId=970x250&pubId=4811995650&chanId=68750341&placementId=6271300695&pubCreative=138431019205&pubOrder=3184962652&cb=528341539&custom=index&custom2=2&adsafe_par&impId=1bd71d0c-fcc6-11ed-a226-02caf40e7d43&adsafe_url=https%3A%2F%2Fo.canada.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:20802c67-e319-7357-c766-727e4aef5073,c:dQtwRM,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-76dcc6f68d-26txr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.1206.970.250,am:i,cc:315.1206.970.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:119,mot:0,app:0,maw:0,fm:tFujZPb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:125,oid:1d0f27db-fcc6-11ed-8cb5-822754cb4f14,v:19.8.415,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.254.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-254-130.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=20802c67-e319-7357-c766-727e4aef5073&tv=%7Bc:dQtwRN,pingTime:-8,time:126,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:125,wc:0.0.1600.1200,ac:315.1206.970.250,am:i,cc:315.1206.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tFujZPb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:126%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtwRW,pingTime:-2,time:143,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:146,beZ:147,mfA:224,cmA:225,inA:226,inZ:229,prA:230,prZ:234,si:240,poA:240,poZ:260,cmZ:260,mfZ:260,loA:266,loZ:269,ltA:288,ltZ:288,mdA:147,mdZ:201%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:94%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:143,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B61~100%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a1,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:95,slid:%5Bgoogle_ads_iframe_/3081/ccn.com/index_0,google_ads_iframe_/3081/ccn.com/index_0__container__,ad-1,ad__inner-1,main-content%5D,sinceFw:48,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=20802c67-e319-7357-c766-727e4aef5073&tv=%7Bc:dQtwS2,pingTime:-2,time:141,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:132,beZ:133,mfA:250,cmA:250,inA:250,inZ:251,prA:252,prZ:254,si:257,poA:257,poZ:264,cmZ:264,mfZ:264,loA:269,loZ:270,ltA:272,ltZ:272,mdA:133,mdZ:186%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:125%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:125,wc:0.0.1600.1200,ac:315.1206.970.250,am:i,cc:315.1206.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tFujZPb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:126,slid:%5Bgoogle_ads_iframe_/3081/ccn.com/index_1,google_ads_iframe_/3081/ccn.com/index_1__container__,ad-2,ad__inner-2,main-content%5D,sinceFw:15,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtwSz,time:182,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:182,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~100%5D,as:%5B100~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a.928934%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:95,sis:159%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=20802c67-e319-7357-c766-727e4aef5073&tv=%7Bc:dQtwSA,time:175,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:175,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:125,wc:0.0.1600.1200,ac:315.1206.970.250,am:i,cc:315.1206.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tFujZPb+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1a*.928934%7C1a1,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:126%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 8F46 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbzaO7IQuO0q9NzwTMwBAuRzpRtLGM53gK27oqZ0Z0k17daSuNKVOO_GLrpMiksQaV4MPqpR9jtiHxEO7smFspkMtJHwNtmf4UENCUyZFShHHEcKmgh2h5OFoK6CS_VsMTEQbkeSJeulq4LKcb2CKLect4hPWsc53ASDIclQZQP15GIsXXVH-A5GdoWzEtOzOK10ImEGqBO0n6Nqbtilw7JIljgKUncecmT5zya8Eowt2rJhiZdAlLLDOoHe77LglbAEe9ZDj8uRwpGfQwH5kdpqjrtiEdLP_sL65IV1k1EIKgEGlEIFDsJwkMtw&sai=AMfl-YQtr3oFbD1hW7tEaOJfv2rCoSHjZ5lZNWY-Z2GWu0ySDie2UrQPqoY5bl19o1gp01TdCKs58THOVibs5NU1XtrHr8dNoxoUGt8hJRhPHyNnVxXLVSASRlcRzACkmJI&sig=Cg0ArKJSzJA3fC2-3cAMEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 May 2023 19:38:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EE2A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn0Gkgkp3y8hZhcmxfLxIgv744f0uBxl1ITnsoVi2_R6fcOOwXqODUODvyzLM9yozeUEeH8KTF4qVz8BLTUyo2mgJhkZ8JqCu2D95mt45ut9OSJzRxujW-g0q2JwJdYtm5tjvK2nkPsGhuX9Qcs8mwA4ZFRzFaOw2zkxuFIVGVHnLmVVbyT8XRWZtwDWFvV4SB6U2naAYQoEcUjeayEucYonGC34-447lWJwg_GH82V4Byfs5WoQd0klULxZ8WWzoxHOW8BkrsdzAaKHJv0ZYQBmfrqbHmAu0iLMENYGOZ_VkuhwJO52QwyWe6dQ&sai=AMfl-YSymmh2mMXotYlEC0JfxcBHAxsDYDHTKSAIuOQDarAxbSsAU0_QQmz_niYAniGhK_LGlOFUuGCCihK_x7AOpO6Yw89vRlDCfZvuf4zyngT3VMuG3iUg-iMLmb34qzI&sig=Cg0ArKJSzKHLAFdiPPtQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 27 May 2023 19:38:54 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.77.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-77-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://o.canada.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sat, 27 May 2023 19:38:54 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.77.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-77-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 27 May 2023 19:38:54 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
www.facebook.com/tr/ Frame 7CA6 		0
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://o.canada.com
Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://o.canada.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 19:38:54 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtwWZ,pingTime:-10,time:456,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685216334465%7C%7C9ae90fb177db4f37fe3295b50cc79c67%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cbfcaf24548195dc261f89c3c2bf33a21%7C%7Cdafe720fe1d634938e2cfbb3bc896966%7C%7Ccebcc4262b7b95b2add7fc1e8ce183f6%7C%7C7b2701bf88123a474d549c514ead5a4a%7C%7C87a54b9370fae2d48fc11368c56f0670%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:54 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305230101&jk=2986832354050858&bg=!y8ilyJzNAAZu7ficTu07ADkAdvg8WiQnW-UB00lt6q4TqyU1ekPSezXY52s7SUwGu8c3CLIZ1hvUIhOhaDkpyKwgFYKM0jlCZEsCAAABKVIAAAAEaAEHCgBn3i0yzql7FdXbMNvIHth91UITelrZxOSZBf7apmaJ1txWj-0rLNN_FHl6kFGz2xDQQeOXiiAyAh02BNGMnAhuODeI9dyoBDCgAqMvbXsGL7CcvtKq6wC-REcmQOuZ6EipBk5lv_6lFJkCn3PSW2N9uWG8-TTQkMxb3fXwsxCgJtcpkACNoQN6zgxyuF9P5KWAEl5RLSZR98o8AYEBVesqRnF_KD4qiyZ2f5X11mlmgRCxJZSUT6WhiQdW56CiynMIf9zCZBRUgA1uvr0-Qe8swSl8CrkqXQoeF7zLdZQDWi6mFdjZOA2TBYrr3TSooltwll_9PrrsgROyq349mGU_yTrg26j3yPn9vHn_G_SNkX-SncYJWzFTnfyPHlZog-Zo-sfFskCDN-z-wtD0jwf1KowVPrCY2WhoWAZKv7KuYtryFgWS3m9LlnQJYZShWqTb_aUC7hBLrKN3kvqyuhMdz9BuAj5S1mHJW-lyStTQQuZzaKqTR8qReOFXrIyLWIlAhQMlmd0FjTH_lswFUxgvZumvO3up5WTyd-lVO5VZdeluMTlnlwTjBOySVrtvXuGFsIp2KiKtRdBAghGiORCkltjpYRKcNIJAfUdVRVGgCOw96Ki9B67tv2V4ozSC96fYNvCc59RCOA8by4Iu8xFWb2aSBESS_r4tHH-eB6E2Y5QJS_Z8_JUxBqcA4gsB9ITWYAic8sBVRKEkYPvCJv4ZMFX7JZPQzB-wWZHDacpeJpBT0RUHv8mkLsS6isHIp2EGQ71Wl151ccUeoan7hq6yT94FdBk93VBcyXFm73iT-WnaVINo1UT26kSkXqS6bHa39SFb0zZ5b8Dzi8JRcoeH2kQbEDbUaHiUnt6Fd2bonNGONDAYX-pKnhT1ZK6ppTbUFdIcu0kAzDCIpjfdreqOCA5ciqJtaDBdVzRlAL2tELRo0QRR333E9z7EhxS9shN97mHWYeVG9BXsTI9OHgPnSNcSFrscVxjcw885N-vH6nHa8xmgoWoxPTBgCYxuc9o8iDxcGaalETsW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=20802c67-e319-7357-c766-727e4aef5073&tv=%7Bc:dQtx57,pingTime:-10,time:952,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685216334465%7C%7C9ae90fb177db4f37fe3295b50cc79c67%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cbfcaf24548195dc261f89c3c2bf33a21%7C%7Cdafe720fe1d634938e2cfbb3bc896966%7C%7Ccebcc4262b7b95b2add7fc1e8ce183f6%7C%7C7b2701bf88123a474d549c514ead5a4a%7C%7C87a54b9370fae2d48fc11368c56f0670%7C%7C1663701684,sca:%7Bspg:705a91b3-c72c-1125-bc58-59cfe703ec57%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:55 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 21 May 2024 19:38:55 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:55 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 21 May 2024 19:38:55 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtx7E,pingTime:1,time:1117,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:94%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a.928934%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:95,sis:159%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:55 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtx7F,pingTime:1,time:1118,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:94%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a.928934%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:95,sis:159,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:55 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtx7F,pingTime:1,time:1118,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:94%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:103,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a.928934%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:95,sis:159,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:55 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame EE2A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_8hoUU69UtU9gu-dQaIypPG7UG2MxWRvqwdGMe78UVJc1iYeXDN3f37fNPv8P3jQTxiEAznm2Kezh0uoKL6qdxzFxnpcm87uoOJvh3OjqpEhB3fWC&sig=Cg0ArKJSzM47GoDyBo-PEAE&id=lidar2&mcvt=1000&p=109,650,359,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4217552496&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685216333855&rpt=454&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=21ec23a2-b38a-456e-b801-e5877a041482
Requested by
Host: 23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
URL: https://23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app/23dc09d6-b664-425a-a76e-0eed6a6cc102-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
4c069bdca1df234d60dfe66a75c3bd0077f323e3d6cf42f989591bfaf3a33418

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 27 May 2023 19:38:55 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
recirculation.php
events.newsroom.bi/ 		12 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:56 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
p
sb.scorecardresearch.com/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10276888&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1685216337348&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20113.0.5672.126&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1685216332346&ns_ts=1685216332346&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1685216332346&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fo.canada.com%2F&c8=Canada.Com%20%7C%20Homepage%20%7C%20Canada.Com&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.34.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-34-25.cdg3.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:57 GMT
via
1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
CDG3-C2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
6zjLyxsrgEyWlz8Gljjsk26qXR06Tj2TTBuTVxcayLcs3vjiG728fg==
envelope
lexicon.33across.com/v1/ 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame CFE3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ce0b89d184e9229-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 27 May 2023 19:38:57 GMT
expires
Sat, 27 May 2023 23:38:57 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 79A1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 May 2023 19:38:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E6C9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
42051
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 27 May 2023 19:38:57 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
406, 228648
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230139-FRA
X-Timer
S1685216338.519116,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 2FC5 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 27 May 2023 19:38:57 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7CAB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/14648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://o.canada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19849
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 27 May 2023 19:38:57 GMT
expires
Sun, 28 May 2023 01:09:46 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame E72A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
ca613a1f214b774ad60a5291f986f85c5059fc70b60a3510ba38aa00043c5cac

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1835
Content-Type
text/html
Date
Sat, 27 May 2023 19:38:57 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sat, 27 May 2023 19:38:57 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
PugMaster
image6.pubmatic.com/AdServer/ Frame 7CAB 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52861252&p=160305&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e0d0fab3bf687e080af22212ea44348bb8889eadbbe0de52e835cd21bd346cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 27 May 2023 19:38:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 79A1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sat, 27 May 2023 19:38:57 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 May 2023 11:40:38 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57640
Connection
keep-alive
Content-Length
10084
Expires
Sun, 28 May 2023 11:39:37 GMT
async_usersync
ib.adnxs.com/ Frame E6C9 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
AN-X-Request-Uuid
9e59bf21-74e1-49e1-9e4b-2e00dc112696
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E72A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E72A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZHJcUX3GMXWIqcTyS1gaHAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHVkFV0QBpsEQcdtd2HtMQc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHVkFV0QBpsEQcdtd2HtMQc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHVkFV0QBpsEQcdtd2HtMQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E72A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
335BGXTWY5AQ3TD2HJ4Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1K2209WJ4F01FA0QKYQZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E72A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIIIJdSBV5zoxCqDTIXlYW4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIIIJdSBV5zoxCqDTIXlYW4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIIIJdSBV5zoxCqDTIXlYW4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E72A
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1701113937&external_user_id=79f03749-7259-4ce8-bba9-7a12868dea08
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1701113937&external_user_id=79f03749-7259-4ce8-bba9-7a12868dea08
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Sat, 27 May 2023 19:38:57 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1701113937&external_user_id=79f03749-7259-4ce8-bba9-7a12868dea08
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame E72A
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5db20f50-28c5-4dc0-a441-767b6312019b
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5db20f50-28c5-4dc0-a441-767b6312019b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=5db20f50-28c5-4dc0-a441-767b6312019b
date
Sat, 27 May 2023 19:38:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame E72A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2100549979195251680&expiration=1686425937
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2100549979195251680&expiration=1686425937
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2100549979195251680&expiration=1686425937
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E72A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2a05:d018:d29:3602:d99:851:e872:10fe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZHJcUX3GMXWIqcTyS1gaHAAAFB4AAAAB
date
Sat, 27 May 2023 19:38:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame E72A 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZHJcUX3GMXWIqcTyS1gaHAAA%265150
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fo.canada.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:57 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
3490
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ce0b89df89b2bbc-FRA
content-length
43
expires
Sun, 28 May 2023 19:38:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C1B3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dee66472-5c51-4e00-b6c5-59c34367aff5&gdpr=0&gdpr_consent=
42 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dee66472-5c51-4e00-b6c5-59c34367aff5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 27 May 2023 19:38:57 GMT
Expires
Sat, 27 May 2023 19:38:56 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dee66472-5c51-4e00-b6c5-59c34367aff5&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame B6AD
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727957896774
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727957896774
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 27 May 2023 19:38:57 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727957896774
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 3B61
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 27 May 2023 19:38:56 GMT
expires
Sat, 27 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1396744
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame CA7B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1558205017748566014
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1558205017748566014
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1558205017748566014
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2316
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 27 May 2023 19:38:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SJ9JVQY7MVP65V4NX3EK

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 27 May 2023 19:38:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
P07XKJBDTFGVF49B0D95
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7CAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gPXiC4NqS1ul7QPJRTD3yA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:57 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19849
accept-ranges
bytes
content-length
5554
expires
Sun, 28 May 2023 01:09:46 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 7CAB 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.17.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-17-68.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.81
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 7CAB
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=110183522
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=80F5E20B-836A-4B5B-A5ED-03C94530F7C8
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=80F5E20B-836A-4B5B-A5ED-03C94530F7C8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:56 GMT
via
1.1 google
last-modified
Sat, 27 May 2023 19:38:57 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=80F5E20B-836A-4B5B-A5ED-03C94530F7C8
date
Sat, 27 May 2023 19:38:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 7CAB
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=80F5E20B-836A-4B5B-A5ED-03C94530F7C8
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZzBod3R4TWFhelJTdm1oZloxeThWOEUwdw==&google_redir=http%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIi...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W3sibmFtZSI6ImFkZm9ybSJ9XX0%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3309410426810222061&r=eyJ1IjoiaHR0cDovL2EuYXVkcnRlLmNvbTo4MC9wIiwiZCI6W119
  • https://a.audrte.com/p
68 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
18.66.97.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-128.fra56.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:58 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
content-length
68
x-amz-cf-id
tmq1mEBgx5-7CHDPoBd4TmSfrIYKPn69WOI1OK7AsSJhwShiVt9S3w==

Redirect headers

date
Sat, 27 May 2023 19:38:57 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
server
nginx/1.18.0
x-amz-cf-pop
FRA56-P2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST, GET, OPTIONS
x-cache
Miss from cloudfront
location
http://a.audrte.com:80/p
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
zhaJjPA2zi-zR36knkNvFJuFzwnfq_F0DCHxeGJfjADMuL1efO_Q7g==
Pug
image2.pubmatic.com/AdServer/ Frame 7CAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODBGNUUyMEItODM2QS00QjVCLUE1RUQtMDNDOTQ1MzBGN0M4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7CAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOew5_j7e3P-leoQhPltvDI&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOew5_j7e3P-leoQhPltvDI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOew5_j7e3P-leoQhPltvDI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7CAB 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 19:38:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 26 May 2023 19:38:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7CAB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3309410426810222061
42 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3309410426810222061
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 27 May 2023 19:38:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3309410426810222061
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 7CAB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
recirculation.php
events.newsroom.bi/ 		12 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:57 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
ecm3
s.amazon-adsystem.com/ Frame 79A1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4pOq6lMWSaiJ7-Pgjwgapg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4pOq6lMWSaiJ7-Pgjwgapg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4pOq6lMWSaiJ7-Pgjwgapg
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y88N1H9H7QRZ1TYT83GF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4pOq6lMWSaiJ7-Pgjwgapg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 79A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEycKa5Rz94FjbcErUrbL1k&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEycKa5Rz94FjbcErUrbL1k&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEycKa5Rz94FjbcErUrbL1k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 79A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEk2RUFKWFctMy0zOVhF
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHjv1I0PPnUDny_bxqfCcYo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2RUFKWFctMy0zOVhF&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2RUFKWFctMy0zOVhF&google_push=
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEk2RUFKWFctMy0zOVhF&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 79A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQxMzk1NTgwNDE1YmJhYTJkMDg0OGVhZjViNjIyNGZhNzY0N2UzZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQxMzk1NTgwNDE1YmJhYTJkMDg0OGVhZjViNjIyNGZhNzY0N2UzZQ
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWQxMzk1NTgwNDE1YmJhYTJkMDg0OGVhZjViNjIyNGZhNzY0N2UzZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 79A1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 79A1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MVL0MqgRQ0-neBuG1ND_Zw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVL0MqgRQ0-neBuG1ND_Zw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVL0MqgRQ0-neBuG1ND_Zw
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MZ2065EWEG69P5FDBV6K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MVL0MqgRQ0-neBuG1ND_Zw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 79A1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/mbtlWcFsT3RZX-2YVez10Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2macBQ9E2oJatovyMRA8Fdh9qoZzvr.mwhM2Kg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2macBQ9E2oJatovyMRA8Fdh9qoZzvr.mwhM2Kg--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 27 May 2023 19:38:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2macBQ9E2oJatovyMRA8Fdh9qoZzvr.mwhM2Kg--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 79A1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 27 May 2023 19:38:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
async_usersync
ib.adnxs.com/ Frame E6C9 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 May 2023 19:38:58 GMT
AN-X-Request-Uuid
ce96a8cd-ba5b-4732-8742-19516f6ce946
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.142; 178.162.209.142; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
multimedia.php
events.newsroom.bi/ 		12 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/multimedia.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/d3ff66f7bb6e44c8dbc1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.144.218 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://o.canada.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 27 May 2023 19:38:59 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://o.canada.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928934&asId=705a91b3-c72c-1125-bc58-59cfe703ec57&tv=%7Bc:dQtyad,pingTime:5,time:5120,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:94%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5120,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:94,wc:0.0.1600.1200,ac:650.109.300.250,am:i,cc:650.109.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5038~100%5D,as:%5B5038~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:244,fm:tFujZP3+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.928934%7C191%7C1a.928934%7C1a1,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:95,sis:159%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://o.canada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 May 2023 19:38:59 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 7CAB 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160305
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 15:03:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344KfnAAE&gdpr=0&src=pbjs&ver=7.40.0

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless function| setNptTechAdblockerCookie object| script object| LRNameSpace object| LoginRadiusDefaults function| LoginRadiusUtility function| LoginRadiusApiFramework function| setLoginRadiusDefaultSchema function| setLoginRadiusModuleFunctions function| LoginRadiusHooksModel function| SetLoginRadiusCommonFunctions function| LoginRadiusControllers function| LoginRadiusV2 function| FormValidator object| hash object| modern_script_elem object| legacy_script_elem object| ytAdTargetingLoadEvent function| script_onload string| locSrc object| ytVideoAdTargetingConfig object| BlockAdBlock object| blockAdBlock object| webpackJsonpFrontEndModules object| tp object| __iasPET object| FrontEndModules object| googletag object| permutive object| apstag object| pbjs object| diagPixSentCodes object| __iasAdRefreshConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| headertag object| Criteo function| headertag_render function| sovrn_render boolean| apstagLOADED object| apscustom object| _aps object| pbjsChunk object| _pbjsGlobals object| webpackChunkdjango_content_services object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_136 object| Criteo_136 object| __permutive undefined| google_measure_js_timing object| PublisherCommonId string| iasScores object| Sailthru object| ns_ object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| vf object| vfQ object| dataLayer object| mParticle object| gtm_data_layer boolean| femCePnIdReadyTriggered object| mpOneTrustKit object| GoogleTagManagerKit function| OptanonWrapper object| dl_mparticle object| mp_data_layer object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| viafoura object| COMSCORE object| _comscore object| googleToken object| googleIMState function| processGoogleToken object| google_tag_manager object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_797902 number| google_unique_id object| gaGlobal function| WebVTT object| GoogleGcLKhOms object| closure_lm_842596 string| GoogleAnalyticsObject function| ga function| e function| t object| marfeel function| fbq function| _fbq object| PARSELY function| autotrack function| gtag object| cast function| onYouTubeIframeAPIReady function| _typeof object| gaplugins object| gaData function| _ga_originalSendHitTask object| __connect object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| __IntegralASExec object| google_image_requests

76 Cookies

Domain/Path Name / Value
o.canada.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.canada.com/ Name: pbjs_sharedId
Value: b487f78d-3c9a-4a5c-92f4-72f716d86a97
.canada.com/ Name: permutive-id
Value: 6ab5bdae-36a2-4e08-bc44-584fe5f5038c
.23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co/ Name: pxid
Value: 01e97369-b6e1-43c6-b3cc-0a8956597f71
.liadm.com/ Name: lidid
Value: dab38a0f-021a-4417-9188-c597eb18c720
o.canada.com/ Name: __adblocker
Value: false
o.canada.com/ Name: political-ad-opt-out
Value: {"data":false,"exp":604800000,"ts":1685216332042,"mac":1607225702}
o.canada.com/ Name: sailthru_pageviews
Value: 1
.criteo.com/ Name: uid
Value: 3346411f-be3b-4ca1-ac61-94b6ec4135fe
.doubleclick.net/ Name: IDE
Value: AHWqTUkU2X-a9uM12NXwG2cnrH2roBYnnNn9rSP7SgV_4C7cLmrgTiSd42A_jphxJbM
.canada.com/ Name: cto_bundle
Value: D4t3uF9UTnFBOGpiUDdYa2w2SjNESTVTaHRGJTJGVyUyRmRCeDY5S1BBbHcyd1B6VGhFM2lFc3I3eiUyQmExJTJGYktzVEd2dSUyRmRzR1FkWWl3UWpiS252RWlvZGRISm5Ya0QxJTJGVzlYOFd5RGJqUTBuUXRmd0IzZHM0WmVJTWV1M0xkUGhpZFJkMXFsMFE5dGpEZExzNE9QZjRLWGEzTkZPT1ElM0QlM0Q
.rubiconproject.com/ Name: khaos
Value: LI6EAJXW-3-39XE
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpLcl29WzlBIi+IXqvPVzt4X6LBWwGzep0kIUeXzf4l4cKLi5w+XZ5+B6NGWVotE2BymPvo8pleP2bDzJ4tek1PjSjwqiqHOTs=
o.canada.com/ Name: sailthru_content
Value: e0e63ee57f02752e397065170b7057a9
o.canada.com/ Name: sailthru_visitor
Value: 7def85ad-ace3-475e-afc5-c4469ed8a577
.adnxs.com/ Name: icu
Value: ChgIh71PEAoYASABKAEwzLjJowY4AUABSAEQzLjJowYYAA..
.adnxs.com/ Name: uuid2
Value: 2972695345790486066
o.canada.com/ Name: x-id
Value: {"data":{"adLight":false,"id":"frqcvrypbylqryfig9nlngfh38fta77ed","updated":1685216332712},"exp":604800000,"ts":1685216332712,"mac":-1430187591}
fem.gprod.postmedia.digital/ Name: x-id
Value: {"data":{"adLight":false,"id":"frqcvrypbylqryfig9nlngfh38fta77ed","updated":1685216332712},"exp":604800000,"ts":1685216332739,"mac":-1430185452}
.yahoo.com/ Name: A3
Value: d=AQABBExccmQCECfgfHY8ckR3cZoO98aGmiUFEgEBAQGtc2R8ZAAAAAAA_eMAAA&S=AQAAApWEsDZopsqSbTJSF6q5xBM
.canada.com/ Name: mprtcl-v4_4662F03F
Value: {'gs':{'ie':1|'dt':'us1-99b65fde89a1a145894d2d51d283cc83'|'av':'1.0.0'|'cgid':'7e3f2da9-9893-47a6-bc77-c899a11285d8'|'das':'371eb6c0-0511-4a55-f0e7-459fa2f79f82'|'csm':'WyItNzcxMTczNDAxNDI0MDMwODU4MiJd'|'sid':'1A71FB3D-EECA-4A2E-A39D-6791CA52B70B'|'les':1685216333461|'ssd':1685216332894}|'l':1|'-7711734014240308582':{'fst':1685216333201|'ui':'eyIwIjoiZnJxY3ZyeXBieWxxcnlmaWc5bmxuZ2ZoMzhmdGE3N2VkIn0='}|'cu':'-7711734014240308582'}
.canada.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://o.canada.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1685216333550%2C%22slts%22:0}
.canada.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=31f16b0d-7241-4c5f-8d06-4d45661eaad4%22%2C%22session_count%22:1%2C%22last_session_ts%22:1685216333550}
.canada.com/ Name: _ga
Value: GA1.2.341653313.1685216333
.canada.com/ Name: _gid
Value: GA1.2.446147290.1685216334
.canada.com/ Name: _gat_UA-213173459-10
Value: 1
.canada.com/ Name: _gat_UA-138335866-21
Value: 1
.viafoura.co/ Name: VfSess
Value: 7jp3uqbo0qqrnuoilvoh5b47mh
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.canada.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1685216333%2C%22currentVisitStarted%22%3A1685216333%2C%22sessionId%22%3A%2249c2700a-7624-4b80-bb43-fb460e1ede09%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//o.canada.com/%22%2C%22referrer%22%3A%22%22%7D
.canada.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1685216333%2C%22userId%22%3A%224f1e4ee8-c9e4-4541-be13-529e9acc1e23%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1685216333%2C%22timesVisited%22%3A1%7D
.canada.com/ Name: compass_uid
Value: 4f1e4ee8-c9e4-4541-be13-529e9acc1e23
events.newsroom.bi/ Name: 1528_u
Value: 4f1e4ee8-c9e4-4541-be13-529e9acc1e23
events.newsroom.bi/ Name: 1528_lv
Value: null
events.newsroom.bi/ Name: 1528_ut
Value: 0
o.canada.com/ Name: _vfz
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.1685216334.1.medium=direct|source=|sharer_uuid=|terms=
.canada.com/ Name: _vfa
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.5a12c2c1-bf86-4524-972e-387cefbb94ff.1685216334.1685216334.1685216334.1
.canada.com/ Name: _vfb
Value: o%2Ecanada%2Ecom.00000000-0000-4000-8000-90e188e7f27f.2..1685216334....
.canada.com/ Name: __gads
Value: ID=c0728d7fb1ba418a:T=1685216333:RT=1685216333:S=ALNI_Mbx7ybJJccXmSZgS3g7wEA6dpRn8A
.canada.com/ Name: __gpi
Value: UID=00000c28e06be2ab:T=1685216333:RT=1685216333:S=ALNI_Mb1IxycpfvVxvTxxojYV3N7ZTvAAA
.canada.com/ Name: _fbp
Value: fb.1.1685216333906.792088251
.canada.com/ Name: _ga_CBS6P3K53Q
Value: GS1.1.1685216333.1.0.1685216333.60.0.0
.viafoura.co/ Name: vfDeviceId
Value: 569d8e79-77ef-4fe8-800d-6d1249652065
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: ZHJcUX3GMXWIqcTyS1gaHAAA
.casalemedia.com/ Name: CMPS
Value: 5150
.casalemedia.com/ Name: CMPRO
Value: 5150
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 80F5E20B-836A-4B5B-A5ED-03C94530F7C8
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160305:2
.pubmatic.com/ Name: DPSync3
Value: 1686355200%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1686355200%3A220_13_54_46_161_21_56_7_251%7C1686441600%3A35
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~2bvv
.weborama.fr/ Name: AFFICHE_W
Value: 3FzG2O2xs3Lc24
.mathtag.com/ Name: uuid
Value: dee66472-5c51-4e00-b6c5-59c34367aff5
.simpli.fi/ Name: suid
Value: 3531D5FB387C4088A9591C7B5E55A5DC
.adform.net/ Name: C
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mrc0NbewNDM3NxHiM9TN0zXxc3Is1vVIiwoCAEPXAvwlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFqZGhmbGxuZm4IAEdMyJ8QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mrc0NbewNDM3NxHiM9TN0zXxc3Is1vVIiwoCAEPXAvwlAAAA
.de17a.com/ Name: guid
Value: 1.1558205017748566014
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOew5_j7e3P-leoQhPltvDI&KRTB&22987-CAESEOew5_j7e3P-leoQhPltvDI&KRTB&23025-CAESEOew5_j7e3P-leoQhPltvDI&KRTB&23386-CAESEOew5_j7e3P-leoQhPltvDI
.pubmatic.com/ Name: PugT
Value: 1685216337
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559727957896774
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:dee66472-5c51-4e00-b6c5-59c34367aff5&KRTB&16736-uid:dee66472-5c51-4e00-b6c5-59c34367aff5&KRTB&23019-uid:dee66472-5c51-4e00-b6c5-59c34367aff5&KRTB&23114-uid:dee66472-5c51-4e00-b6c5-59c34367aff5
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1558205017748566014
.company-target.com/ Name: tuuid
Value: 79f03749-7259-4ce8-bba9-7a12868dea08
.company-target.com/ Name: tuuid_lu
Value: 1685216337|ix:0
.audrte.com/ Name: arcki2
Value: g0hwtxMaazRSvmhfZ1y8V8E0w!20220908!1685216337677!ip#178.162.209.142
.audrte.com/ Name: arcki2_pubmatic
Value: 80F5E20B-836A-4B5B-A5ED-03C94530F7C8!20220908!1685216337681
.adform.net/ Name: uid
Value: 3309410426810222061
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3309410426810222061&KRTB&23263-3309410426810222061&KRTB&23481-3309410426810222061
.audrte.com/ Name: arcki2_ddp2
Value: g0hwtxMaazRSvmhfZ1y8V8E0w!20220908!1685216337819
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2_adform
Value: 3309410426810222061!20220908!1685216337950
.amazon-adsystem.com/ Name: ad-id
Value: A8blhjoYI0PMi1AzvyIss4Y

6 Console Messages

Source Level URL
Text
network error URL: https://idx.liadm.com/idex/ie/any
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bidder.criteo.com/cdb?ptv=136&profileId=185&av=35&wv=7.40.0&cb=80498983210
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?ptv=136&profileId=154&cb=2173920457
Message:
Failed to load resource: the server responded with a status of 400 ()
rendering warning URL: https://cdn.jwplayer.com/libraries/IrYAVodh.js(Line 9)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=80F5E20B-836A-4B5B-A5ED-03C94530F7C8&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23dc09d6-b664-425a-a76e-0eed6a6cc102.edge.permutive.app
23dc09d6-b664-425a-a76e-0eed6a6cc102.prmutv.co
76b02ae64bbdd1589106219a9cd2656b.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
ap.lijit.com
api.permutive.com
api.sail-personalize.com
api.viafoura.co
as-sec.casalemedia.com
assets-jpcust.jwpsrv.com
auth.lrcontent.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
canada.com
cdn.adsafeprotected.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.parsely.com
cdn.permutive.com
cdn.viafoura.net
cm.g.doubleclick.net
compassdata.mrf.io
config.lrcontent.com
connect.facebook.net
cr.frontend.weborama.fr
d5p.de17a.com
dcs-static.gprod.postmedia.digital
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
entitlements.jwplayer.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
fem.gprod.postmedia.digital
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googlesync.permutive.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
identity.mparticle.com
idsync.frontend.weborama.fr
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
o.canada.com
onetag-geo.s-onetag.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
postmedia-d.openx.net
postmedia.hub.loginradius.com
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-a.rubiconproject.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
sb.scorecardresearch.com
sdk.mrf.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
smartcdn.gprod.postmedia.digital
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync.crwdcntrl.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
videos-cloudfront-usp.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
lexicon.33across.com
104.18.11.47
104.18.24.185
104.18.25.185
104.19.150.54
104.64.126.246
104.80.242.37
116.202.32.62
13.224.192.181
13.225.34.25
13.225.78.97
13.32.110.125
13.32.119.77
13.32.145.5
142.250.185.130
151.101.1.108
152.199.22.243
162.55.144.218
178.250.1.9
178.250.7.13
18.185.12.185
18.66.100.58
18.66.112.45
18.66.97.128
185.29.134.244
185.64.189.112
185.64.190.80
185.64.190.81
185.64.191.210
185.80.39.216
185.89.211.84
193.0.160.131
198.47.127.19
2001:4860:4802:32::36
213.155.156.180
216.137.44.94
216.52.2.16
23.215.22.18
23.32.184.192
2600:1f18:1aca:4280:6c5d:d5e1:5b59:447
2600:1f18:44f0:4848:aac8:30d6:df6f:8ad
2600:9000:223c:3c00:8:2ae1:d740:93a1
2600:9000:223f:b400:8:48e:53c0:93a1
2600:9000:225e:d600:1:a3fa:7cc0:93a1
2600:9000:2491:1000:2:cecb:23c0:93a1
2602:803:c003:200::31
2606:4700:10::6816:48e8
2606:4700:10::ac43:835
2606:4700:3033::ac43:9fa2
2606:4700:4400::ac40:9256
2606:4700:e6::ac40:c60b
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::2010
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:200::645
2a04:4e42:400::626
2a04:4e42:600::645
2a05:d018:d29:3602:d99:851:e872:10fe
3.71.149.231
3.75.77.244
34.107.254.252
34.111.129.221
34.111.131.239
34.111.249.109
34.111.67.160
34.117.54.29
34.149.157.221
34.192.8.210
34.233.181.241
34.251.254.130
34.95.81.168
34.96.71.22
34.98.64.218
35.204.74.118
35.241.9.51
37.157.4.28
52.200.53.223
52.223.40.198
52.28.203.152
52.29.223.111
52.46.128.147
52.95.125.22
54.155.18.159
54.73.17.68
69.173.144.138
69.173.144.165
75.2.40.13
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dbd3448956edb73b694f0e788ad1a6e64ac40c8d0044a3aff8e728dd0af99d
0292c490af46fed8c95fb0d728a9db44f964cd7f997af76f9bc95daf7b5f7259
03438256d784864b17e07498b4a0615d9b174797334f3f793b0582e78fdeaf3f
04258e31ac0b70d6e9531c5fcbcb8f4bf415f85ddc15a8fcf747cd4382018b72
046cde1bc76b60aa1178cd679b263171008e5e8c2f525424ac559c7fc62303b9
056697ed15e390bb5d6013a6bae699c5cbe364bf06b2c957c8c7d3c8d84b8355
0568a981c6d278171ed16cea129345e0830efd6961f52f6d0a18cf5a9ec798ab
05dac4ca590d8ff5f6cf34db26c2d508f186acf0e2f724bfbb97e32760a228a7
065c16336806bd51ba922b68aa4bea16614212738e3c67e8a5ce4b300236cb32
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767698a5bde527a511f3ad283caef356b21ec959b49cdb3fcae7e86967d7cc3
087da2610678f383fc3898e883d34de5ef9ae4db4d10523800756ab60a2be4e6
092cd9c4826b6efb6273c803188196fd09f420563712dea4adcecb61a26fc83b
0a7ad0aa80b8acf6514d316e3b6bb569e1c9ee24d04acc661162968e36f9bd95
0a8f0fcdd478298e527c96f0a3d4251088619e6dc181f2e36a62c43c061a5169
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc77d749111a0739d7fdbfc9b8a1319e048dbb62c407286d83cd1940306e675
0bf58e8749b73e7abe90b96e7be6e4a9e5dbce531a88182daf6d8e92e1083e11
0d64fe593085f9af4f1f012fab4c4bf995f191050cf9dc265376359b09aad1de
0ed1ca448e15ea5cb7266513b2a97aec09561a351074ad809a1759406aa010d9
11693afad4875445073795073eab76a4ce537a3c9325ac6a10c581ce54417345
12449617b4f5c5d3d1d4af4a89e9978b2a7b0124dab80afad9b955482e8e2c24
130e13eb24d2a1bd26df6130ee6aaad01830126aac9b1b64e09840bc38ab5add
13a80fc7a10649e35a6b706deec59f3f779d27bd68e1cdd2a837c657f9c6a9ca
142a3e7ac7a64085af0b0c2bf9b3752e4cc872368d33e59e329b16c7324c7abf
157b442e6d6e6a28cfd285812d594c1ae137c091bdba8ce3f0998cf48a6fe481
1738256e6238da9bd89af13598c4534fbffd2f5f0fbe9f4af072785bdedba4b0
179c493864283938999b1e6cfb14839f78f9b25d1ec30faabbf9ea18216b23e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c34e687aa8137f1067f6fd430ea00a7c421a5111e39005a1fce14ca1482187
1942036fcecfc8a7c82bad838aa5797344b0a594cc415ce6e1da4e70aaa6ca4b
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1ae261f392f3ef581c6b62dfed9f3568bfcf676c01d8d2b9adcbf555e6217a9c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b093683792ea4a0d3153059b66dce78e682c73f721b47b3ffaa4b114199a43b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fee20b5b4a26754ee14c9faa5e7a8be36cad490da9bda99e3b2aa4e21c0669d
251d8d58edf90f6b7f8d3fad9daf9523546bad96c5f229ac0888821be9048bf4
25ddcd80c1ba9e735ec4683503dd10012b3a9f45caa886c3d802d3951b2a7110
273c30ad38c8aee798a626a454968645cc9e1b86d203ba442e2fa25a06ea5786
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
29ad382967634c893d153d44e6dc750b7152d4f1081b29830a88e287c7b04a69
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2b2829db716407b214db6479e8b412416a67ed2685b37c7c40818331a71ce02a
2c34b975a2426ef2d404900c569fc27ada7142c609651a6d663a17bb1c2437c0
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2c3f188460d3e015aaba1ccb040ea3122fbd632da4edab8aed3f57ee098bf87d
2f28c008f0ce667d697ccc95a07377e8562c0c28dd910f864724a265f75671e4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6e4e4c4ae60b11b7d296ce54b227212ba7f492ec670d99bcf2bb87dd9e5dd5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
3473f8808ede60284c67d6ae41bb8040924a02603b41a98079413137d13bc843
35e5a8881e34365a13399b7c568c2427717401560f9b6b41fdb75f904718e2e4
37053a93670ce129b8eb07ca542d84bc6d7c9da924126b7f91d432a3d5196053
3778b11054daa02477c738ed3bf2ba3b0ef7c5d57eae266b9f4199fe3c65917e
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
397b0c276df8e407b6602657343774399a6ab46dd3729f446ef3c19b5bf25219
39956bccd62278cba07c6540b69fa52060fcc85fbb2217e79ba0c9c7f8a0c216
3a921fc263156c68a1d94f8610a71bf2935c2fe754f144df2bf7d028d63fe83f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0133b42ed23b2ee0a01c604b0046bb54e2f509bbf4ffcf1c57d71e932c6853
3e3d757a49a301fd2c3a50511599f01f9c3c9afbd0088124b4555912c8220ae2
3f915edde18976a3f08d4919736b558fbe11550c04a3743ecbe5b038d89cdc25
3fde76cacc186420d0405496f66f9cd00a7c14a38a9ffa4b626a09affe83cc2a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42c4ceb442ec4245367fc2c76922dcbbf6085c69dc6d287ca92fa5490770ec9b
43754ff3e0735491ab7c0a2e7c72e71447fae006ad48e63696331082ec163e25
43e003d6920a11189786b473dc30e90a4482beaf807a7b4c9bc1a7a7989fdc64
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
446bd0554dbc2e185c74d0ddc87914baf31f8b3283c2fe0e07eb84d549978435
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478d580aaf3b0bf1a049606bfbdc9662df4d8013edbd4999706ede70114377a0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c069bdca1df234d60dfe66a75c3bd0077f323e3d6cf42f989591bfaf3a33418
4e5ee5c8c55d6343189ef4eb44ee0121cd21bf33c121f04ce9d8b993e842ad8e
4f0f13185c180310952e92856efa52942c7d4249ab73caf990c740a2cde715bf
50f199dcd6d278a30ab75b6080de3d84230cb2653b71b6189b099fe83a9fe932
5104af059a91f8576592b517d137cc786070c751cd4cae8d7b73b01f95464868
5172dcf83f6d622751ea688d1ba4b507d54e3eeed9e933ac38f87ada5ecc87fd
521c60f0c979eeeabc2dcabee0d4ecdcc8c1c91e2654b4ea243d4957e4bd1ed1
52b3f43439c71fbf5639e3189f18527d05e14837c946b919e6157b49b7e64067
5325ba079d494d36eef5597080cdcd4d480a1df663b63f417365151c4c1a61e1
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
54872d86ea7534e1b60306616e8d4f04377d1e6965b8c0779befe1bf69cc2a62
5547ccd000f55d51916dde9e7ba9e0c34b77445032d345abdfdbb25cc3d0b337
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581d258b926c1cb7d85cd813ab77712c0c7b0ab3c3efdbe98a8cec08a6674060
58483a3759160f0c544b130aa85b103c122bb0fb007f4a4aa31324be7033886d
5964f9a0f179465c4c73866c79ffe1f085de93296c6a50d44094e4c9c2eccc88
59b5e7d5823555f7cd306e0eed3c58d07bd5ada8a86728a95ee49a6d38da81e5
5a1b54a2c7830e5bbd856ee3dd0dadfc5933aba68713f57cd74d493164ad36df
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5b07b1e60b300014b6190f9ad13d038a7a9b73081296a4c547de0512b36d7147
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
600a41d0feb7b60915965078c7363e71904f36fcdfad34de9fea679247f70d5a
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6203791b307eb0658509916f0ea2d5dffe8a8c0c6f0dd22a2e05cf48d4f78c10
6292f2cb5bdb20a863125959893059985cf8eb116d75afd32fe14d29e2ab030d
62bde5c0448058d448cbd3fe0daa8a9e2e3a5b7c7884735a70b262cf5dc033ea
6313e6609a6c80b05b8ca6fca1727d8bd2463899ddc7be7bc75dc4449391b979
6333459bbba841d16299dfee81d2019bf4b4133760e6b375168a4b4ce03a9079
645f2620b1758038feb5e1817c7f0ee78e0005eb80993bc7ee7942caee62ef73
64ab3fc8b4f1cefe9cea9b5f07382d217fc3949efa101152b20270ed6c1567aa
672c723f22710b733288b67e238c91f20d42e4089d1e659f94da41476a70ba44
6795a80f8eb3137451e22f501b1f04ab51840301cad664c3bbf77413ca532059
68a335c0d87dce935fee1811892070e78c514828d50bfe2ae21fde739ec1002c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d0671d81aa240f957042f1f338ac28a8c0ddb2364eb4288805b9aec5037b58e
6d4a9ee7f58b9b498e8a8026236893a66a8fc2534308b212e2bfbbac90dcad2e
7083705c1ab64b15599362f58dea6238fc419a9b507bda7af7f5d1e9d8b5ba8a
717c29e3f65250da92d8ee08e9c74f78cd2129063270a89cbed93325f7b00fe9
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7337e2592ab9aa43bb08306db6e328dfef7c55ec624f087769ef1a11058841ee
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa
778e27efca8382dd97cb9391bc27a1fd184794530ad3839367a204783be9c119
78d9aa670440910121b197f4f19277745c817f54a72b83c047914cd2ec05e233
79030020c532d13ce66d479402c01b1e299d209710abfe51a38fa6fe5e99d650
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a18f3daec97cae3c67929546a656a8a47d25f7c14c8d6f1d7c6c88489db058f
7a9cadef842ac5fd63b4217e5e26a1f9d478cc3cb116bf214f052fecdd388f73
7ae4f0f45792d9e18953559ba99c7aa69755c289db2966d8874b087d9197161f
7afbee212e2315c196d65ca0f125b67415908b887f4f7e5bd74483e81f954e7f
7da0d33a89be4251d763dbda1a4d43402bae9a24e35cacb99bda5f4b7a9f8bdd
7e6decac19fd0c3781c39cb76b145a5a0c8c3fd9d61d12a927ab92218de051f3
7f3e8467e7a1a6a4c6fcfd082fc55db45b7ae26ffd29750020bc46627f586f2b
8015c93623255cebc9f72566b6942606072e3d1941f030e8ab112294a492e164
80c1f05ddf22846e669479432b6f8641d93df9b0cccb255d4e64b1f2203f0aac
8106b51011b26cf5f69cf7769a95b3f7faf34e2f26191c4e657e705ad3f4ecb6
81a0cfc582655b9a541a554a526d4d516a56b74455377f2c3464c0183fd27a68
82c7bf61bd2ac73e4b63c989a540ff9c65aa89936fdef83ca11373184ec19f73
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
839a68170ae2c8492bbe3343524ec1624c89faee075b3050b463c46d76d66320
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b02fe84a03f487198c283a75e646513b698a38b09954e9bf399c304eb9d845d
8c8e00657998fa7053b40cd7c9ae6440e52f436837f2dc9d7d79b02972b26fea
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fbab9820deb30395b3d600a8cbd695bf02b389d78b5400fb3943f11378461d9
925abf3e95dd81547dc17dcbd96ac29eed1a93ef9caa21e101d03c02d73c57fd
95b7e12f18d5928216d1f8e16dd7ec881df6443d042fb60b241c606ec1aac530
996c93bbc3ba3134a6412b19903690c9ecef4a6b7d91dea2f718d51660e3155a
9a337baceaa23daadf46c1d98ec355dfb25975af93bae332272e7e07bfe0f0b2
9c18640014cb8be01b3712883cb601370a8a691b2910d616a188f8e916be280c
9ec8e7d8d2a24833779d77b0cffead182b79859e3f8f7934902e72a2295fd9ec
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a345a18e5d3f6c07451cb14dd480bfad123f03663912b581265d617d4725fe9a
a46516b5b8a7c95a44494daab75b1ac61c7ed0eebccbc5be74c9d970553871de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c477a0628138920b82b12ed428315d4d1b3d56be1e2a2d381fa5d03ccad935
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a8391a011ea9ace90573a9d7d269c9df70614e149d594eb1e56893435c8b8d9b
a9c697b1f96774bd4a0a6e2dd9b9dd0f7132e131f9fdebe5866f986acee1e8a8
aa5909480c1527b91e927bff12f9d2aea0fec42aa35e625047e913d38868a628
aa7bf97144cb009f548c28ebacfdb9966326bb146bafcdeb080b0b5560b7c59a
aaeab9a6a768acbe06c2b915e927977980185be1c99d0d5beace7d4fe6dcaf17
aaf7d1ee51de0c70605d034f24285aac5f21495dfcf9de67fd3dabf618894c4f
ab31f40034920c1b534146957bf16fd87455ee28193b564863bae4014b6fc9c4
abab5bfc78c2bcd792a51406b30268a8da05d5eb30abbf894e43f27eb5c63fd9
abfa0daf16e8cbd76846b828941ef76a713be910fb85cea1cd71cf16addcfa87
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af101dbfbf915cf16c9b3c8d60576c6bfa1a9241ddd8c3e2b9b9a0f9f83990e7
b0324ecde9d575cc769a42fd340b720a09f511fa34e12e260b854ce251e36b4a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48743091fa7f477ba4780fe108d6a622bf01de9e6047d7855a59e04ba87f916
b4d6c7a756b851eaed92316ff9f47aa56422120c4c0524afbc87efaffd65fce0
b5d21084962a4f52ed4c5d475b2786c0af285e3abd94df93c002a181fd5a10e4
b92f10cff5622b7e3ae92d74af583ee4ca11f3f24b23ba0b49cf2900fae9566d
ba3bbbcc95c4680dc416c3ed6758db9a5ed03a54b0f59f51cadac5c700a8b76a
bc5063025dc22c3305bfc452b2aa116b17c01dedb1917c803d4ca835c60f26f9
bd09bbfdc7001b322b08a431e816e152ebdb9ecd0a079f8081ef57596f957ba6
be2bdae49a57c4bd1f98c1df2dc875db344eaa3e637511ddbd6e54ca4f529aca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c3a003424fdc5c7ba1339e2c50ceb6258f97ce0cbe66bac53e501a8738ffacc1
c3c7b193cdaffa59eb7b4f3a8f69eb587b2ff530480e835a9abcd27df6840259
c46ea21bce4fb3b31b94c44e7767bca7118b7f4a104c9eff6d4f048598a1df49
c4b15462eb69d84a10e5e0a87679ce830d12e9e1cba6e18cde06e4ecfa3480e4
c5100cd90a95aa459fe237adc409043e20f8fd06caa5cd3b74d66f79387ae0fb
c567910f6e69563b1e17802a1c9a915f910a3b5e8ff1fa392cd4e9498fa1bae0
c5c292344ea8a0d5df3459998cbe86b372e756f4ef06acbd13e5f8f871a80324
c7c00636c437e298ee9bc09d27839e1c48c4e250116f6608ee0e491b52a6c46f
c87d6317dfc3357442409c3486b46f806d9efc338034a9953b506079f3317df0
ca613a1f214b774ad60a5291f986f85c5059fc70b60a3510ba38aa00043c5cac
ccfeee3d2138ac952171cf8ab987412babcd8c3ac5fc818069357192214ef5fc
cd7f45bfc3e469b64553c67380fa2893450ffbb4fa843996af606e85730ddd2e
cf055e47c5607c22a40a02764df29b201e8857cd1b33068c49d577eb523caf07
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf96e8e7424834be82290513e2f34cb3d989bc5c2e18e2111d3eb05f7fdab160
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d313757775c99965549cd4798be91e2c9514bd5e27436f3ba7e5e9ad5f1c787d
d38f2befc0d03d926c8ab3845b2e8f189ae81c04668f9726d8ce1ed24f0cd0a2
d3f41b6c541baf0c356852185992733c3aa80d957f4dcc66454e5149e0fc4816
d463e45397d0edaaddc623981a718e083d215611d2fb2f27d58cb775baecb7d8
d52c83567c4198cefee4887a0c9b84eb127c53a35cd6fd8a05df57a76977b11f
d7b1b3bba4522fefd3ef145be0d9d3e1abe4659efa57d5488369edd360513f27
d98fc36398ceb0caf0b009adf726d48cb63cfd0b86db44222e9fc9fae738c02a
db9b160b21a425588501b012896069a80b735a5777f5412878c233ce79f93563
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
de3483b424375c05d5d183957242eb3976616d16d06bded6dd5cb8dea518d526
df25a31de249ff235f878f1c52b5db7e26dc5356f7ffc2540479d5d40065e226
dfd837b82b661aeea11d0f9d20ccac772463b36a515b021a55d95d3b97ea81ab
e0d0fab3bf687e080af22212ea44348bb8889eadbbe0de52e835cd21bd346cb5
e180a7fc8baf630385810782e5339a676583712e7199769782151ad710a8fa0d
e292f2e80de1f07bfa646f93eb3ed42ed41078a7b86be6036a6236f6c22cea7d
e3872180c40fcd17f91d35ecdb02ec96d21cb7b369995d1f2f5a584734e8ab34
e39d45892763e65be25793fcbfc3ddc2cfee159b25e54752cb76b2dd75f35088
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592c023e395d520e95efed9c15d14c77d5c101e3ce6b5d71413384508b55d59
e629265ce159f0b2f8d8e319dca7ba986d055d8e27a80032e35e2e3fb3d96db5
e6f52df7fa0683f518bd3e179288f2787ee9ee0d7ae3813d7068fea20bb8d61a
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8cb6904656301c79a9eb40a7419d96cfe4a370fc6424214e76d399ceecee50a
e8daa8b2701ceb6cef516ddc0e8e55779d295b1688f5380519c34f921cfdcf35
e99071d93ea49f838bf41f2f7a9f34c2ec8bcc3eb84f9ec401c2e537e843b69e
eac6569a641342477ec1da0107ec592877fa65421f420a4d2081bfcff508e8be
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee04546b274dd9a6191230f7c8488a6efda85d30e25be13c707cd76c15d5e8c8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc53377f4d6ddf161449d1492a7e95e5a3047e60a3fde2096f6ef60e5740366
f016ddf9b7cf2f36bd88f84f3998c63416018ac2ed2e1c92c89902f2bfe96b97
f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8
f3aeafb553691b6b5ac9e3a8ad59356db12e2e403d3071b3e7c1ad3661864a37
f4c223271b5f2e493355f3c0d48386f728a17a171cb7f6b6ac0cca2f659cc648
f4ffc1773bdd73a5c097967d6b3525248143161edfc13c8436c1f4f8afaba6a9
f517e80a372959efa16f3bbf08a9ceeafce36ac992ee5c788423c967420ed673
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bd1f3753fb744217ca54ab37d328b66be90cc0bdbc2f24489a84d7332deebf
f752049597d1c8a2b8bd225b51a08db1e343b4fe9a858c7bdb64b964275bce5b
f7a4a046540cd7b682afc0d129cbbdea16081d1a54dfd3385115725f960c54c9
f7b85ccf8f99670a793b0619b99db8099b55dee98dd8179ef7603a23c8776c94
f8e12268024b715976ba5c61881b5b71b6c5fc69274ca719aa0e2ab2c931f88e
f9a35f9ba03f74baf56efe8147142ac3863d9c21650fe111ebe8369bf0edfd3e
f9d7ed6d561f96ca06fb3912adcc155a0fa0db34d0eee351908dc9493c79e1c0
fa46724124435c3abbd6e6de0230700c968b624d6a1d22cb230b0c1d0c372631
fa6fda99fa2298f5ebf31f3e002be0433295910cec3b9af91d36d53755ce465f
fbe2776528321e86eab1c9f37320995207af2ddc97a41f452b022e7a2495c987
fd283a7b3e4b5fae649bcb1d46b25dda76025fdbcaecf737aa1b7f4ff88bde75