insurance-portal.ca Open in urlscan Pro
104.21.24.187 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://insurance-portal.ca/
Submission: On August 08 via manual (August 8th 2023, 6:27:40 pm UTC) from CA — Scanned from CA

Summary HTTP 156 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 49 IPs in 4 countries across 41 domains to perform 156 HTTP transactions. The main IP is 104.21.24.187, located in and belongs to CLOUDFLARENET, US. The main domain is insurance-portal.ca.
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.

This is the only time insurance-portal.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	104.21.24.187 104.21.24.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.103.11 172.64.103.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.72.106 142.250.72.106	15169 (GOOGLE) (GOOGLE)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
6	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
11	172.67.193.210 172.67.193.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.241.48.88 35.241.48.88	15169 (GOOGLE) (GOOGLE)
3	172.217.13.132 172.217.13.132	15169 (GOOGLE) (GOOGLE)
2 6	104.16.124.175 104.16.124.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	18.164.116.111 18.164.116.111	16509 (AMAZON-02) (AMAZON-02)
1 1	104.21.86.248 104.21.86.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	18.154.227.85 18.154.227.85	16509 (AMAZON-02) (AMAZON-02)
2	142.250.80.72 142.250.80.72	15169 (GOOGLE) (GOOGLE)
2	104.18.31.104 104.18.31.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.13.99 172.217.13.99	15169 (GOOGLE) (GOOGLE)
1 1	104.16.203.47 104.16.203.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.12.29 104.18.12.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3.233.58.220 3.233.58.220	14618 (AMAZON-AES) (AMAZON-AES)
1	142.251.35.163 142.251.35.163	15169 (GOOGLE) (GOOGLE)
12	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2	104.18.13.29 104.18.13.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.13.206 172.217.13.206	15169 (GOOGLE) (GOOGLE)
1	18.160.41.49 18.160.41.49	16509 (AMAZON-02) (AMAZON-02)
1	18.165.98.32 18.165.98.32	16509 (AMAZON-02) (AMAZON-02)
1	23.105.12.131 23.105.12.131	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	104.91.111.76 104.91.111.76	16625 (AKAMAI-AS) (AKAMAI-AS)
4	96.16.25.140 96.16.25.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	23.105.12.150 23.105.12.150	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	44.193.59.61 44.193.59.61	14618 (AMAZON-AES) (AMAZON-AES)
1 1	80.77.87.166 80.77.87.166	46636 (NATCOWEB) (NATCOWEB)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	142.251.111.155 142.251.111.155	15169 (GOOGLE) (GOOGLE)
2	172.217.13.195 172.217.13.195	15169 (GOOGLE) (GOOGLE)
2	13.225.66.62 13.225.66.62	16509 (AMAZON-02) (AMAZON-02)
1	13.249.39.105 13.249.39.105	16509 (AMAZON-02) (AMAZON-02)
1	99.84.223.47 99.84.223.47	16509 (AMAZON-02) (AMAZON-02)
1	18.160.46.100 18.160.46.100	16509 (AMAZON-02) (AMAZON-02)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.65.161 142.250.65.161	15169 (GOOGLE) (GOOGLE)
1	18.209.202.62 18.209.202.62	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
6	172.217.13.129 172.217.13.129	15169 (GOOGLE) (GOOGLE)
7	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
1 1	172.217.13.166 172.217.13.166	15169 (GOOGLE) (GOOGLE)
3	34.107.189.102 34.107.189.102	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 11	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	213.19.162.90 213.19.162.90	3356 (LEVEL3) (LEVEL3)
1	23.105.12.136 23.105.12.136	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 3	52.94.222.140 52.94.222.140	() ()
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 4	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	184.29.143.168 184.29.143.168	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
156	49

8 104.21.24.187 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

insurance-portal.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.103.11 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.106 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.193.210 (United States)

ASN13335 (CLOUDFLARENET, US)

static.portail-assurance.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.48.88 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 88.48.241.35.bc.googleusercontent.com

ws1.postescanada-canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.132 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.124.175 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.243.189.2 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nyc3.digitaloceanspaces.com

static-portail-assurance.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

rdc.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastlygeo.m32.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-111.jfk50.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.86.248 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 18.154.227.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-85.iad55.r.cloudfront.net

media.insurance-portal.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.72 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.31.104 (None, )

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.99 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.203.47 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

conversations-widget.sendinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.12.29 (None, )

ASN13335 (CLOUDFLARENET, US)

conversations-widget.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.233.58.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-58-220.compute-1.amazonaws.com

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.163 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.13.29 (None, )

ASN13335 (CLOUDFLARENET, US)

in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.206 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-32.iad55.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.131 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.91.111.76 (Boston, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-111-76.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.16.25.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-25-140.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.105.12.150 (Manassas, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.59.61 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-59-61.compute-1.amazonaws.com

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.166 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.66.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-66-62.ewr53.r.cloudfront.net

d13sozod7hpim.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-105.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.223.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-223-47.iad79.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.161 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f1.1e100.net

9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.202.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-202-62.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.13.129 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.189.102 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.189.107.34.bc.googleusercontent.com

ctxtfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.151.100 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.143.168 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-29-143-168.deploy.static.akamaitechnologies.com

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	insurance-portal.ca 1 redirects insurance-portal.ca media.insurance-portal.ca	143 KB
20	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 115 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 377 ad.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	231 KB
19	rubiconproject.com 10 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1189 eus.rubiconproject.com — Cisco Umbrella Rank: 622 token.rubiconproject.com — Cisco Umbrella Rank: 648 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5788 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2500 pixel.rubiconproject.com — Cisco Umbrella Rank: 393	30 KB
11	portail-assurance.ca static.portail-assurance.ca	637 KB
10	googlesyndication.com 9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 158 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	73 KB
7	freeskreen.com static.freeskreen.com — Cisco Umbrella Rank: 57586 sb.freeskreen.com — Cisco Umbrella Rank: 44307	33 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 325	4 KB
6	brevo.com conversations-widget.brevo.com — Cisco Umbrella Rank: 112697 in-automate.brevo.com — Cisco Umbrella Rank: 23507	18 KB
6	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1022	224 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	108 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 188	1 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 369	74 KB
4	smartadserver.com 2 redirects ww1772.smartadserver.com — Cisco Umbrella Rank: 63857 sync.smartadserver.com — Cisco Umbrella Rank: 1464 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721	4 KB
3	ctxtfl.com ctxtfl.com — Cisco Umbrella Rank: 53851	8 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	169 KB
3	m32.media rdc.m32.media — Cisco Umbrella Rank: 30817 fastlygeo.m32.media — Cisco Umbrella Rank: 139339	19 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1165	163 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 385	946 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 874 id5-sync.com — Cisco Umbrella Rank: 440	26 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1044 bcp.crwdcntrl.net — Cisco Umbrella Rank: 904	12 KB
2	cloudfront.net d13sozod7hpim.cloudfront.net	315 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8480	515 B
2	exelator.com 2 redirects loadeu.exelator.com — Cisco Umbrella Rank: 8830	2 KB
2	tremorhub.com 2 redirects scm.publishers.tremorhub.com — Cisco Umbrella Rank: 63838	636 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 745 script.hotjar.com — Cisco Umbrella Rank: 967	59 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	21 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	202 KB
2	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 22621	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	157 KB
2	digitaloceanspaces.com static-portail-assurance.nyc3.digitaloceanspaces.com	531 KB
2	postescanada-canadapost.ca ws1.postescanada-canadapost.ca — Cisco Umbrella Rank: 72133	26 KB
1	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 16767	7 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 391	730 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1702	2 KB
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1002	624 B
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 10606	9 KB
1	sendinblue.com 1 redirects conversations-widget.sendinblue.com — Cisco Umbrella Rank: 185277	165 B
1	unpkg.co 1 redirects unpkg.co — Cisco Umbrella Rank: 201436	494 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
0	2mdn.net Failed s0.2mdn.net Failed
156	41

	Domain	Requested by
24	media.insurance-portal.ca	insurance-portal.ca
12	securepubads.g.doubleclick.net	rdc.m32.media securepubads.g.doubleclick.net insurance-portal.ca www.googletagservices.com
11	static.portail-assurance.ca	insurance-portal.ca
8	insurance-portal.ca	1 redirects insurance-portal.ca static-portail-assurance.nyc3.digitaloceanspaces.com
6	token.rubiconproject.com	3 redirects eus.rubiconproject.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net insurance-portal.ca tpc.googlesyndication.com
6	sb.freeskreen.com	static.freeskreen.com insurance-portal.ca eus.rubiconproject.com
6	unpkg.com	2 redirects insurance-portal.ca
6	cdnjs.cloudflare.com	insurance-portal.ca
5	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
5	cdn.jsdelivr.net	insurance-portal.ca securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	2 redirects eus.rubiconproject.com
4	eus.rubiconproject.com	sb.freeskreen.com ww1772.smartadserver.com eus.rubiconproject.com
4	conversations-widget.brevo.com	insurance-portal.ca conversations-widget.sendinblue.com conversations-widget.brevo.com d13sozod7hpim.cloudfront.net
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pagead2.googlesyndication.com	tpc.googlesyndication.com insurance-portal.ca www.googletagservices.com
3	ctxtfl.com	insurance-portal.ca ctxtfl.com
3	www.googletagservices.com	securepubads.g.doubleclick.net
3	www.google.com	insurance-portal.ca
3	use.fontawesome.com	insurance-portal.ca use.fontawesome.com
2	match.adsrvr.org	2 redirects
2	d13sozod7hpim.cloudfront.net	conversations-widget.brevo.com
2	www.google.ca	insurance-portal.ca
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	loadeu.exelator.com	2 redirects
2	scm.publishers.tremorhub.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	in-automate.brevo.com	sibautomation.com
2	sibautomation.com	insurance-portal.ca sibautomation.com
2	www.googletagmanager.com	insurance-portal.ca www.googletagmanager.com
2	rdc.m32.media	insurance-portal.ca rdc.m32.media
2	static-portail-assurance.nyc3.digitaloceanspaces.com	insurance-portal.ca
2	ws1.postescanada-canadapost.ca	insurance-portal.ca
1	ucarecdn.com	insurance-portal.ca
1	px.ads.linkedin.com	eus.rubiconproject.com
1	rtb-csync.smartadserver.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	ad.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net	insurance-portal.ca
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	fastlygeo.m32.media	rdc.m32.media
1	script.hotjar.com	static.hotjar.com
1	cs.admanmedia.com	1 redirects
1	ww1772.smartadserver.com	sb.freeskreen.com
1	public.profitwell.com	insurance-portal.ca
1	static.hotjar.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	conversations-widget.sendinblue.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	unpkg.co	1 redirects
1	static.freeskreen.com	insurance-portal.ca
1	code.jquery.com	insurance-portal.ca
1	fonts.googleapis.com	insurance-portal.ca
0	s0.2mdn.net Failed	securepubads.g.doubleclick.net
156	64

This site contains links to these domains. Also see Links.

Domain
portail-assurance.ca
www.insuranceintel.ca
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
insurance-portal.ca GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
portail-assurance.ca GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
ws1.postescanada-canadapost.ca Entrust Certification Authority - L1K	`2023-03-15` - `2024-03-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2024-05-29`	a year	crt.sh
*.m32.media Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2023-11-22`	10 months	crt.sh
*.freeskreen.com Amazon RSA 2048 M02	`2023-02-22` - `2023-12-16`	10 months	crt.sh
ik.imagekit.io R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
brevo.com GTS CA 1P5	`2023-07-03` - `2023-10-01`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ctxtfl.com GTS CA 1D4	`2023-07-16` - `2023-10-15`	3 months	crt.sh
cps3.ucarecdn.com R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://insurance-portal.ca/
Frame ID: 4CB9901F5079CF065FE8F595AEEB2E66
Requests: 107 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=szl8zd6t6rzdekt2bv6xx
Frame ID: D9D498912243A5DBDE9F3DD60517850D
Requests: 2 HTTP requests in this frame

Frame: https://insurance-portal.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Frame ID: A4BCAB415F91B61677E2BB307B073326
Requests: 2 HTTP requests in this frame

Frame: https://conversations-widget.brevo.com/?isModern=true
Frame ID: 4D4E21D53788F858861B329DAA2BB308
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: 7CEDAA384AAE88FDE8CF4F56626FCC6D
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 3F445E00167B87152D9AF185F3CD77F7
Requests: 4 HTTP requests in this frame

Frame: https://9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A48342ABAA944F6900106CA8671A02F9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstidYTi0vMW51EpTjaKoqCE6sTpS41tODS5eAVcvOPDd3CykJBTKXfxCEtrQ04VXd0LQ7CaeqARSecvPWxyzOVq0wz8bZmG5SIDjJFoOMs_B4SsJQv-JwAiBPmkNoxqMJWeAJSGUpYRoD2KuB4XvTtyK14pVnuD2MMwRaGtq2a3SWfNfamZ-mfdpO3zQjo-0It3HNtSdVfZgxLBcstPBfIWoSR9LvU56DIEY_CU-8qO-ANTokLYVlL_vhgYKsIa6GMYXZ7Us-aMrMg8vVuRQlZeT5uC2B_zlzGKPQBtPZrZKo2hbIMxXch5rZ3GnpcLBLmJtUUPDhdqWBWEDlCP_5YEH54&sai=AMfl-YQOyIQgJvjFxcOE4A98A0dtD0UQvYr2sIlppCOIubr4Zaph2i3Ldvp2h1lm9fOCTcLwJjZVjS7VJaOo9ZNHO4IKjSX6HVhDryCbD_p5k004alHwgOyOhLGUQWcxb2CZpHGxa8K3klL9kraaH1o7&sig=Cg0ArKJSzAOjdGpJ9kUfEAE&uach_m=[UACH]&adurl=
Frame ID: 0FA52A9242CC86E7046F7CAD44366E26
Requests: 7 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHngTSYWWWIhTWJNsBYHv37Ox8ttO4Q4NoMsVmPmamoPo6Uh7uTvZ_gIAEM3uwDqdp4ClJy-ZjtyFLPiZ4Sl-iyQv2YtCBt4Oc84MNID6RCIMcqmzL7_t-KQAeEGs3dCXb2m2V1cMbTKG5FeKcZ2B03jJOAwvRfsrt05ylpNEC56HTmm_WxTsckl1Iivyz-YM9ibUGXYfpBGiI-fohENvNIoMLYm5NxOHbqFp3bfyN9fBbAABSuNkpO6qZm0p4pO6vrv62_ko4wOLep7wsy7qn1y34mAgzY8xosXbiXYDx59c4u8sIH-53_4lI1d3Kr37HKYzzuppMGF-rzlq48c59inAXxbqrOuSnU-1uqjAAApO5-o46APgb_gfrfeqcKnw3ADRPgdNWZ5lAPOdw0bpL&sai=AMfl-YTYlXY3iXTtLLWdoDEZnGwhRzxQtFndTCSfeouZKXCsUdxkfLf-Q7_Ij2pQ5tf2tvbfw_mUWjl2qMMe8fikVbLf4F_aqQc4qWuSYjesUewDpAh3SU6-qLIB6jMM2hTkYW0ezvkZaao9cTSmIhVj&sig=Cg0ArKJSzLEOKANBa1Y4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 8FE7D54833F7C3A84F8C0D7A0B6581B8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F7F328F771A9040ACCCE7FC70A41F4E9
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1snm_nAibWY9y0mDmJ5BJCeINrKJmiV411dMXBTVefwhwFydICjkWMGhWJ6W8ppppzX8dzct2mGVNYgGpG-laOn_RKlIIE8HEXgPHszGCqcmlb-ojDkg13Cs-xBxE7JEQxJjmqCfS5vLesiO6WIUs7wtTti8ImOJMDTdmOAFMBgYfkcrGvV94uo1TFnr1iaPr3MYGHNcDEWveT8zdkpWF-NUPiGcUXXVKvNwY3lUXvroAnL8XDA0FsWNNAuZ1ToZZjQT8wfMrNH8V88esdP6DK6H7pzZ84tMvFGybQ5mF7AH2JwevT1hYEJS1JmcRoFvzw9aC-UCqsUNUZvpo651FJq8&sai=AMfl-YTpUTfddl4tJDcfJqKW_1cnV6qajTxQnXwpYUGM7buHVsgdu7YIvEtMIkjy9XrQXyGYwbZc14S7_iMzH3Rr-m9U4AffQ0HSftallAVZ-dhVdWk1DbuHeOwbkzuKxNf3veiQznzhVmSvOL-u0Hvw&sig=Cg0ArKJSzGFCgtAj56A0EAE&uach_m=[UACH]&adurl=
Frame ID: A6AE8C81281DBA4F581C3373FC5A019D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insurance Portal

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

156
Requests

88 %
HTTPS

0 %
IPv6

41
Domains

64
Subdomains

49
IPs

4
Countries

3333 kB
Transfer

8191 kB
Size

53
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://portail-assurance.ca/items/la-vente/
Title: La Vente by André Cyr

Search URL Search Domain Scan URL

URL: https://www.insuranceintel.ca/en/
Title: InsuranceINTEL

Search URL Search Domain Scan URL

URL: https://portail-assurance.ca/evenement/cc/
Title: Congrès Collectif

Search URL Search Domain Scan URL

URL: https://portail-assurance.ca/evenement/jad/
Title: Journée de l'assurance de dommages

Search URL Search Domain Scan URL

URL: https://portail-assurance.ca/evenement/cap/
Title: Congrès de l’assurance de personnes

Search URL Search Domain Scan URL

URL: https://portail-assurance.ca/repertoire/
Title: Répertoire des fournisseurs en assurance de dommages

Search URL Search Domain Scan URL

URL: https://portail-assurance.ca/
Title: Portail de l'assurance

Search URL Search Domain Scan URL

URL: https://www.insuranceintel.ca/
Title: InsuranceINTEL

Search URL Search Domain Scan URL

URL: https://twitter.com/insurancejourn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/insurancejourn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-insurance-and-investment-journal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://unpkg.co/gsap@3/dist/gsap.min.js HTTP 302
https://unpkg.com/gsap@3/dist/gsap.min.js HTTP 302
https://unpkg.com/gsap@3.12.2/dist/gsap.min.js

Request Chain 24

https://unpkg.com/gsap@3/dist/ScrollTrigger.min.js HTTP 302
https://unpkg.com/gsap@3.12.2/dist/ScrollTrigger.min.js

Request Chain 67

https://conversations-widget.sendinblue.com/sib-conversations.js HTTP 301
https://conversations-widget.brevo.com/sib-conversations.js

Request Chain 71

https://insurance-portal.ca/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://insurance-portal.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Request Chain 83

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 84

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
https://sb.freeskreen.com/um?sa=269243825164727293

Request Chain 85

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://sb.freeskreen.com/um?tlr=f6a45386672a47f6a81390512cf1b75b

Request Chain 86

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
https://sb.freeskreen.com/um?ac=97cb94d2-6bc5-4759-8dca-3c7dfe8988e8

Request Chain 87

https://loadeu.exelator.com/load/?p=204&g=1300&j=0 HTTP 302
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1 HTTP 302
https://sb.freeskreen.com/um?ni=032c4a1ac23ea34c7bbc0317d15911f1

Request Chain 100

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 128

https://ad.doubleclick.net/ddm/jump/N728005.4399083INSURANCE-PORTAL./B30150235.370918080;sz=970x250;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_tdv=1 HTTP 302
https://www.google.com/gen_204?reason=EmptyURL

Request Chain 148

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LL2MW36C-1Y-4O0V HTTP 302
https://sb.freeskreen.com/um?mg=LL2MW36C-1Y-4O0V

Request Chain 149

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LL2MW36C-1Y-4O0V HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LL2MW36C-1Y-4O0V

Request Chain 150

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_5P9zJ4wSBmxRMoCIjB9Fg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_5P9zJ4wSBmxRMoCIjB9Fg

Request Chain 151

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc9fc7f4-b168-4651-94f7-5eeee298ffd0&gdpr=0&gdpr_consent=&expires=30

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE8e1dUydOQuIMZ38e_o4nY&google_cver=1

Request Chain 153

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGVkNmY4NDk0YzQxMjJiY2UzNTBmMWU1NmNmZDI4NTVhN2ZjYzJjYw

Request Chain 155

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwyTVczNkMtMVktNE8wVg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC41mqm9EK3V6Y8UQg_dLms&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwyTVczNkMtMVktNE8wVg==&google_push=

Request Chain 156

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL2MW36C-1Y-4O0V

Request Chain 157

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZYHCSBglTtKaZLuCK5uWKg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZYHCSBglTtKaZLuCK5uWKg

156 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
insurance-portal.ca/ 138 KB
18 KB 1896ms
1824ms Document
text/html 104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3681f4cd162e9a8d1ee12c1dd99bd25fead9f08543c50ab55214e2cd89851a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f39d0582cb439cc-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 18:27:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdK5pHCfdGmZQLXhUFq4nFCF89l9yZfgRDX%2BZ1WoZrdY69k%2FrWByRZWTOoZaPXPoUT5t%2B68u1WvyYLLyDjZzFSsGVtPkQ%2BNVepvwDRHokLAbM4qdYUaVbPbq%2BjhaSQpsjIFIi4i9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie, Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 136ms
50ms Stylesheet
text/css 172.64.103.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3NT1F9KT9AE34DCA
age: 2606942
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Gzv1IzCAKgt+KTVckGEGlo/mh/xHTi063piQ/ncFTQoLy6pVwiUQb9nEeHfcWrmxu9rtpFBVyDhziEpIIpjpLQ==
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIVXtVyY0ZS3M1Zl939RgXv5Xg2qf04oJzhW1PahoS4R9nHlri9ukTEhcLy4Ke8OkBAAHkZAItoKvv3yBviaG%2BwXdvt%2F%2BnrSFKlzETOyWDf3rJ%2Bj9nEfNXaEW6HEcQ3HmTCaLuXH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f39d0643e874345-EWR

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 139ms
54ms Stylesheet
text/css 142.250.72.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tinos:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f10.1e100.net

Software

ESF /

Resource Hash

c42300cf9b9e470340d8afb2721d7463de286397c55dfd5d0f466a5c1a86fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 18:27:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 18:27:33 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 91ms
39ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691519253.cdn4-pxy202-yyz02.tr2.evs,1691519253.cds224.tr2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30957

GET
H2 200 jquery.countdown.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/ 5 KB
3 KB 85ms
31ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.countdown/2.2.0/jquery.countdown.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4609343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1985
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-14db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FvxST0im6%2BXk9QBqlgc7mLokvvA8IXe486aIyQmQN8Hs%2Bc8MZukH7xRL4cVX6siTXT3PxgIxNqMcHnDkRSfgmbDjw39pszB%2FsLOMm%2FF9uq4bsw%2FgTFXHXZBdNEJ8W8lE42%2FZR%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f39d063fcb7a202-YYZ
expires: Sun, 28 Jul 2024 18:27:33 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
26 KB 89ms
29ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 18:27:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11832966
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-yyz4566-YYZ
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.js Show response
static.portail-assurance.ca/bootstrap-4.0.0/dist/js/ 106 KB
26 KB 154ms
92ms Script
application/javascript 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/bootstrap-4.0.0/dist/js/bootstrap.bundle.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47407f87f9f6cfa1f37171387f60bfc6ed9bcc57702eff76e31fc560251b101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dc5d779-0064d11fe0-7170e244-nyc3c
age: 55
cf-polished: origSize=195863
surrogate-control: max-age=23;hw-h2proxy
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 20:52:04 GMT
server: cloudflare
etag: W/"f32a2428f9799cb23b494b209f393d60"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691426821.cdn4-pxy205-yyz02.tr2.ev,1691426821.cds222.tr2.c
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZgiZSsRGEPbEx2jewZWWyxyhKeQ4E3pth5xjte93PPFxZ%2FYQ8IfV1eLjnMb2SyFo5wKBnZER5cXTdOoE%2B21w8jQH0lt%2BNlHG0EL7gOg1T8oCQ%2FjbVz2Wv3Eyt8aoyTtnAgiXOGw%2Bk6xal8g31g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=120
x-rgw-object-type: Normal
cf-ray: 7f39d0640ed1a1fe-YYZ
x-amz-meta-mtime: 1608834524

GET
H2 200 main.css
static.portail-assurance.ca/dist/css/ 356 KB
58 KB 104ms
42ms Stylesheet
text/css 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/dist/css/main.css

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b151ea0e5be513a03f0e84f3c979e9466a9714369d8f3641f9931b1e6894a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dc5d6ed-0064d11fdf-71719a96-nyc3c
age: 6018
cf-polished: origSize=364644
surrogate-control: max-age=86400;hw-h2proxy
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 16:40:43 GMT
server: cloudflare
etag: W/"c5881c6d4d2816f3da73ff3e94ce8dd8"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691426818.cdn4-pxy202-yyz02.tr2.ev,1691426818.cds209.tr2.c
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L79zeWUWv1hgkOePwtgH2LrLq4J8h868VT4DO%2FNeq4OU4076%2B0lAi5sEWWxJrH%2BklNGzNVN%2F0jPqXwvCafNclY5vS9IGjc2kSTSmHptlvU4BArRXnPcbqfMVW1m%2FJQL5MfqW%2FSyrPye8p%2BFLirk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-rgw-object-type: Normal
cf-ray: 7f39d0640ecfa1fe-YYZ

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
5 KB 86ms
27ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 18:27:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11247
x-jsd-version: 8.4.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4878
x-served-by: cache-fra-eddf8230045-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@8/ 140 KB
41 KB 25ms
25ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 18:27:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19934
x-jsd-version: 8.4.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41862
x-served-by: cache-fra-eddf8230073-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
etag: W/"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/ 57 KB
17 KB 84ms
32ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4570500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16919
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7c5ca4-e5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhWRUCoNUgbq5Sj914%2F2ndwZokukfQUwi5GeJKpYStVJLxYFj4Ft0guQJ4UwRkiG%2BLqQRqQ7A9u5FlOK78R1O0FeJy0%2BZcCyF80ikH0uNZkGutUbkeq9mip1M4pL0OJshG4aXQUc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f39d063fcb9a202-YYZ
expires: Sun, 28 Jul 2024 18:27:33 GMT

GET
H2 200 moment-timezone-with-data.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.31/ 191 KB
23 KB 36ms
30ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.31/moment-timezone-with-data.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

135d17eb767962f4d70df6636f42aa77b14ea3a6bf804ee11467189badcf2e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4743858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23674
last-modified: Sun, 17 May 2020 12:59:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ec1352e-2fabd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CP%2FHzrMYCz3zwqKQYc9RLmUyBQ6SRUm%2F5jh%2FXEbbmvnzNY7Dxg8AC%2B1qfOBSw%2BVIn4aQendSauWQc9WUur8UJurZ1FLxZyVdI9r0IlEPjoyd2M4IpCq8zqefp4FUC0MoK84HVZda"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f39d0654e92a202-YYZ
expires: Sun, 28 Jul 2024 18:27:33 GMT

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/ 360 KB
58 KB 46ms
41ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/moment-with-locales.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4179498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 59023
last-modified: Wed, 06 Jul 2022 23:03:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62c614dc-e68f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vXGqXnCHdIJr0zzFV8uO%2BvNDIep5DUW77D43wG3WEeu8kgjNouT%2BRe94taTO5RaRqI2JVhYph4Nxcb%2B30IKhFEUj3inSf8mUghKLsa0uPDdPwqt7r5VJfjmxa9JvZMi0ts5iFcd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f39d0654e96a202-YYZ
expires: Sun, 28 Jul 2024 18:27:33 GMT

GET
H2 200 fr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/locale/ 2 KB
1 KB 45ms
39ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.4/locale/fr.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6716e1fbf6d0c0f086b71e077f2b4fe59a0bbd89e8b1248440d71e24a4df78f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4543624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 824
last-modified: Wed, 06 Jul 2022 23:03:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62c614dc-338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l40829ldb1IhSYCxpvjq2OlBn2V3YqwUN7zNKVpJstaw76FfT7mHF6h%2FvyaLYMTDvvXiItsCvMwZhTQ3GMLpj2raRmozBUSfG00CuwmGs8qxGdy8Wgxvre8jTl6zm2l7gSP4U1Hf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f39d0654e97a202-YYZ
expires: Sun, 28 Jul 2024 18:27:33 GMT

GET
H2 200 addresscomplete-2.30.min.css
ws1.postescanada-canadapost.ca/css/ 8 KB
2 KB 133ms
68ms Stylesheet
text/css 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.postescanada-canadapost.ca/css/addresscomplete-2.30.min.css?key=yr96-ru35-wa82-pe39
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 88.48.241.35.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 63160fe89a80e4d49565385ad833a4aa2daa12b09d7454d6b0b5c061c24970c1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.2
content-type: text/css;charset=UTF-8
cache-control: public
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2047

GET
H2 200 addresscomplete-2.30.min.js Show response
ws1.postescanada-canadapost.ca/js/ 86 KB
24 KB 72ms
66ms Script
text/javascript 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.postescanada-canadapost.ca/js/addresscomplete-2.30.min.js?key=yr96-ru35-wa82-pe39
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 88.48.241.35.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 4c53a35e26c24b8c9b0444fdbce94dc30043bdb79f7a6ef334b1046e3fbe202e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.20.2
content-type: text/javascript;charset=UTF-8
cache-control: public
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24366

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 166ms
66ms Script
text/javascript 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

GSE /

Resource Hash

2fe6e2fa4b865b4984dde89db09ad6748b63374bbc3bd5b251c588f793ad04df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 08 Aug 2023 18:27:33 GMT

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.24.0/ 17 KB
6 KB 108ms
57ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.24.0/axios.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 94422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5472
last-modified: Thu, 22 Jun 2023 10:49:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942756-1560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laxjBPbjUMZeZF8k44JZk5MWIKo%2BD3GuQqSytl9tUUr9sQyaN3aGP9YtNiD7csPSv3FYq2gsMwfCgTf5ruSx5Phh1IJ3Hv7UyoEu1jbfJ3kj1HvEaEIh8XdAcE5ekkbcC1pi%2FoyG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f39d063fcbba202-YYZ
expires: Sun, 28 Jul 2024 18:27:33 GMT

GET
H2 200 vue.global.js Show response
unpkg.com/vue@3.2.36/dist/ 626 KB
141 KB 129ms
77ms Script
application/javascript 104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.2.36/dist/vue.global.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054c454b65f435b4b2df541f08bae58657cba07fd898284bc39f75c4bd6283ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4078446
last-modified: Mon, 23 May 2022 02:02:58 GMT
fly-request-id: 01H3HMYNC9A33ZB3GEB7CYGA87-yyz
server: cloudflare
etag: W/"9c662-LPvw4T1VzW9kKaViblghao1RAKU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f39d063f9df3a08-YYZ

GET
H2 200 vue-router.global.js Show response
unpkg.com/vue-router@4.0.12/dist/ 147 KB
37 KB 93ms
41ms Script
application/javascript 104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-router@4.0.12/dist/vue-router.global.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8183dd4b4915b58506075bb2ba4c936304e8cd93e8757ac1119d13eae0a7b8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4078584
last-modified: Thu, 14 Oct 2021 15:53:58 GMT
fly-request-id: 01H3HMTEJ5MQ0VGAQB5ZB5VBJA-yyz
server: cloudflare
etag: W/"24cb7-3J7CCGxuFH38cDWkd6p8bMnWhbI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f39d063f9e13a08-YYZ

GET
H2 200 mitt.umd.min.js Show response
cdn.jsdelivr.net/npm/mitt/dist/ 789 B
921 B 82ms
26ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/mitt/dist/mitt.umd.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3415c9b710e6054083b53ad180c2573ebe98d428f291cb91b336bd1727ecb992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 18:27:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3996
x-jsd-version: 3.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 463
x-served-by: cache-fra-eddf8230023-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
etag: W/"315-3e7HAYPuRnTt8L+u56dVh8i4ZH0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 integrated-promotions.css
static-portail-assurance.nyc3.digitaloceanspaces.com/dist/integrated-promotions/ 7 KB
7 KB 138ms
48ms Stylesheet
text/css 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://static-portail-assurance.nyc3.digitaloceanspaces.com/dist/integrated-promotions/integrated-promotions.css

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

e79a9bf34c9f5e2b7cdec30be1c628bef5b63e809a7fae54551ebd82dc302dd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 29 May 2023 21:03:59 GMT
x-amz-request-id: tx000000000000061f067c6-0064d28915-7170e244-nyc3c
etag: "0f4127b779a384a2e5e986c95f0a5628"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
x-rgw-object-type: Normal
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6776

GET
H2 200 madops.min.js Show response
rdc.m32.media/ 59 KB
17 KB 90ms
25ms Script
application/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rdc.m32.media/madops.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cbee8a781a5813460ac9573aee4cb78b2660b48ed5fdb3a20aa0cd4c7bf00b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1206678
x-guploader-uploadid: ADPycdvlkGIyd074-tZp7psGJ2RWAjEJ_6wxxRzAwP4etKwdR1c835jQGCZXyLM9pJkbW6HW6nrmewom21O_iGltfdmjoJCVf-2G
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16901
x-served-by: cache-yul12824-YUL, cache-yyz4539-YYZ
last-modified: Tue, 25 Jul 2023 19:16:15 GMT
server: UploadServer
x-timer: S1691519253.384759,VS0,VE0
etag: "2275fca9d0ba359e43c258ed385823ce"
vary: Accept-Encoding
x-goog-generation: 1690312575612782
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=JIqMwQ==, md5=InX8qdC6NZ5DwljtOFgjzg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 60845
x-amz-checksum-crc32c: JIqMwQ==
accept-ranges: bytes
x-cache-hits: 21, 63025

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/178/ 25 KB
10 KB 154ms
41ms Script
text/javascript 18.164.116.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/178/freeskreen.min.js
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-111.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2cbdca26b4a69378f33d852d753e98da4d1e072593b84988510426fb7061ae7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: y1jiEouSDwRsg61JEqxqOrVg8MrTU8Su
Content-Encoding: gzip
Via: 1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
Date: Tue, 08 Aug 2023 00:47:59 GMT
X-Amz-Cf-Pop: JFK50-P6
Age: 63594
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9275
Last-Modified: Fri, 30 Jun 2023 01:54:25 GMT
Server: AmazonS3
ETag: "723df40414a7b210dbb5070f1393913c"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: k8e_5q-5fWIaZ9JWl1DVW23paykF2XQ34psPQ_CnsiUBL41cQ0jhCQ==

GET
H2

200

gsap.min.js Show response
unpkg.com/gsap@3.12.2/dist/
Redirect Chain

https://unpkg.co/gsap@3/dist/gsap.min.js
https://unpkg.com/gsap@3/dist/gsap.min.js
https://unpkg.com/gsap@3.12.2/dist/gsap.min.js

70 KB
28 KB

38ms
37ms

Script
application/javascript

104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/gsap@3.12.2/dist/gsap.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3541565
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H41MYYDJDSK201VWXFE3E5N2-yyz
server: cloudflare
etag: W/"11760-HJiFyWgWx5PhigHtsDBpYBOMEyI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f39d064eb113a08-YYZ

Redirect headers

date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H7B6B0NYDGYF01G0ZFSC3CDT-yyz
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 129
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /gsap@3.12.2/dist/gsap.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7f39d0643a3a3a08-YYZ

GET
H2

200

ScrollTrigger.min.js Show response
unpkg.com/gsap@3.12.2/dist/
Redirect Chain

https://unpkg.com/gsap@3/dist/ScrollTrigger.min.js
https://unpkg.com/gsap@3.12.2/dist/ScrollTrigger.min.js

42 KB
18 KB

84ms
84ms

Script
application/javascript

104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/gsap@3.12.2/dist/ScrollTrigger.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f6c13748b0c8d8f9eabd0373a130ac293b3f16bf34aaa946d953980372b932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3541369
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H41N4YM5HXW2QJ3GCBCERM36-yyz
server: cloudflare
etag: W/"a6ab-C1fHO2gYdyM8Rm95yyg62cdGHM8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f39d0643a363a08-YYZ

Redirect headers

date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H7B6BCPNQQT2T22NY69C5PTX-yyz
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 117
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /gsap@3.12.2/dist/ScrollTrigger.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7f39d063f9e23a08-YYZ

GET
H2 200 x.svg
static.portail-assurance.ca/dist/images/ 1 KB
1 KB 42ms
37ms Image
image/svg+xml 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.portail-assurance.ca/dist/images/x.svg?tr=w-16

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df8f159700dbc986818e73e7761d15b82d022f85dd64a6f7b15a9ec63ef6cfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dc5d6dd-0064d11fdf-71707707-nyc3c
age: 6018
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=86400;hw-h2proxy
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 20:51:33 GMT
server: cloudflare
etag: W/"1ff7cb196a49f68608c2ddcc9d0d0551"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691426818.cdn4-pxy205-yyz02.tr2.ev,1691426818.cds204.tr2.c
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VvNsFAEtgFRWSYMRuiaZ%2B5ZJyxuqLOX5YqWP15ceV%2B40Zb%2BbKrp1aGvPooH939o7YRXUYMFkOC3mdaX1%2FulcATFxwv6HnZSjh1Hbl9dnsM5R3WvjV%2FsU1C1B1gXUYdDUKt6Giz%2FLgJwdtdxsII%3D"}],"group":"cf-nel","max_age":604800}
x-rgw-object-type: Normal
cache-control: max-age=86400
cf-ray: 7f39d06548bea1fe-YYZ

GET
H2 200 new-sm-en.png
static.portail-assurance.ca/dist/images/comparator/ 790 B
1 KB 49ms
44ms Image
image/png 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.portail-assurance.ca/dist/images/comparator/new-sm-en.png?tr=w-64

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d578a24caeb97b0110a0708eee108674a5daeed8e37490f0dc39ec0af9c37443

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dcb3f30-0064d12199-71719aaa-nyc3c
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 790
last-modified: Mon, 25 Jan 2021 20:51:44 GMT
server: cloudflare
etag: "259fc89e311389104407120aa8b449ae"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691427225.cdn4-pxy208-yyz02.tr2.ev,1691427225.cds202.tr2.pr
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwtFFO6BZQFN4DPMF7NW%2BH82pHkbrteIGGnnYBLUWhbjQVM5PVy7pDBDAblKgYTuWRPZDTgN4ZdWxIwt7iAF0DxA8AsC1hNNcJlvJI148Ylcs7ji1rCf%2FlwuYVATdHv1QVDRnBBSLulyOgMVoRk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=120
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7f39d06548bfa1fe-YYZ
x-amz-meta-mtime: 1608834305

GET
H2 200 logo_en.png
static.portail-assurance.ca/img/ 10 KB
10 KB 49ms
45ms Image
image/png 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.portail-assurance.ca/img/logo_en.png?tr=w-183

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f7e63c35f9017e93b76a81b6b00b12ef56e4a2fa8660755c5dc610becad4c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dcb4093-0064d12199-71719a96-nyc3c
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 9947
last-modified: Mon, 25 Jan 2021 20:51:20 GMT
server: cloudflare
etag: "6a9a739640dfde6532bf3899eecd1a89"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691427225.cdn4-pxy210-yyz02.tr2.ev,1691427225.cds002.tr2.pr
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IWbHxTTuKD125lB5sQ9qc5t%2BdwUzrkcVXsh0wB3HoBgHt7LLTLaXcH4%2BkVwza8gs7sresv%2BwdHhMF8964FJlncnvcU%2BTefwm9HGD1Eog%2FmSBFgN5QBRYISusegEWHVSaUgkF7Jpqdfjeq9EjkE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=120
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7f39d06548c1a1fe-YYZ
x-amz-meta-mtime: 1608834617

GET
H2 200 photo_web_3525.png
media.insurance-portal.ca/covers/ 13 KB
13 KB 246ms
72ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/photo_web_3525.png?tr=w-400
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 031aa1823dbc818be119fdfcb19d6c73e9761ef10882337926a5846ae66a0fc7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:12:51 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 11682
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12826
x-request-id: 9e04b963-df16-40cb-93a9-0bca1af2bd13
etag: W/"321a-0iNxp5ix1YGYyykUiERddZRdPLw"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: vK2_AkpxcQjC1tCKap-PWnIWpA1eNHH5ScSN3SdEMRUUz4RCozkbww==

GET
H2 200 financement_AdobeStock_239411330.jpg
media.insurance-portal.ca/covers/ 4 KB
4 KB 250ms
75ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/financement_AdobeStock_239411330.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 6ceb96d843e8e8be9034d922255316e6ea71e4aa169521146c160ed02fe4cc55

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:37:49 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 13784
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3916
x-request-id: 44626631-69b5-44fd-bea2-9fd57692f348
etag: W/"f4c-S68KXCdcMwDBnX1wtya/jeH/dvg"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 7ef2FgSLRkHQZfGJVTnCNyK4yRzY_KmkB3b9V2UMTNCRlP6FqBxtzQ==

GET
H2 200 photo_web_1580_OPNcX4N.png
media.insurance-portal.ca/covers/ 3 KB
3 KB 239ms
65ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/photo_web_1580_OPNcX4N.png?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: c018537c68f9c61708c19088d5fa04e9981027f91a182d4c157e21372806b44e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:16:22 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 15071
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2828
x-request-id: ee0ad212-9a59-47d0-8adf-8d5585ca4dd0
etag: W/"b0c-ig4+fB2SeybfUytqiRzCVqNVZb8"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: gVRF81WeYpJ37Yi3kFVdn2qXI12Rfik5xn08E1LC99ZzxASPEjRaKg==

GET
H2 200 acquisition-deal-handshake-o.jpg
media.insurance-portal.ca/covers/ 3 KB
3 KB 250ms
76ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/acquisition-deal-handshake-o.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: a1ae3e14531399c4756ebe0270ffad4e907ac0daaeb8ba43c248c19f679afaab

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 14:31:09 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 100584
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2604
x-request-id: 50a79590-94b7-9e92-86d6-1657ccb5fec8
last-modified: Thu, 22 Jun 2023 20:26:24 GMT
etag: "750e0657d13dcf216f9398cfd5cfd298"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: y-65lwGk25mJ1MbyQpwA3xZSYTs-7rNH81cRwCGnHSNk44Pqi65dZg==

GET
H2 200 avisdisciplinaire_Z8yuWpa.png
media.insurance-portal.ca/covers/ 1 KB
2 KB 271ms
97ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/avisdisciplinaire_Z8yuWpa.png?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 136ab1daed8f4595e2fa1436a7d684b9b9104694997217219bb3751054507bc4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:51:39 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 5549754
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1254
x-request-id: 2c65a38f-a6a6-4a74-baef-69dbe29d5768
last-modified: Thu, 04 May 2023 15:00:06 GMT
etag: "17c0e944ce7a5d2cf093b1c7f35571d3"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: BmBbIqO9HgPLAsM1PdAn9M4qiwaYwMHw7x3FxlinUdhU5YUXFJElHg==

GET
H2 200 ceuxquibougent_CdD4ALe.svg
media.insurance-portal.ca/section/ 13 KB
6 KB 264ms
90ms Image
image/svg+xml 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/section/ceuxquibougent_CdD4ALe.svg
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 7591baa56bbb4c82220882b2878a92072ed87944c93649d4fe179612e6ce3c6e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:24:05 GMT
content-encoding: br
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 745408
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: baa6dcbf-3229-4590-a42a-d4385206107b
last-modified: Wed, 19 Apr 2023 13:14:20 GMT
etag: W/"0675ce1767ff29ccb7011030464b0b3e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: a4aR0aGJsTsH_JPv8fcASw35I4Ef20lTIckIpr-bKrO2nU5VNMpCLg==

GET
H2 200 avisdisciplinaire_YBRmMls.svg
media.insurance-portal.ca/section/ 7 KB
3 KB 207ms
57ms Image
image/svg+xml 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/section/avisdisciplinaire_YBRmMls.svg
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 5962557d61c47d867755a353262191363cbb8e4e2668cadfdfbc4be4a320d012

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 05:34:30 GMT
content-encoding: gzip
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 13351983
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-request-id: f05f7163-05fd-41a1-9def-38ae5afa532c
etag: W/"1c47-9Yw5vkUA2FN06wmLRh99jAIFHUc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
x-amz-cf-id: 2JdlSW83922-gqSvVBzKFFt8xiUBkfVMxmy5PyG75QMejK93JmVHLg==

GET
H2 200 78cac0b4-3705-4005-a152-6394e6110420_ztRHFZD.png
media.insurance-portal.ca/section/ 1 KB
2 KB 200ms
50ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/section/78cac0b4-3705-4005-a152-6394e6110420_ztRHFZD.png
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: edfaeddde33c9c41a74c6d3e7057fbd37df87ef6bc717be266f05c2e504ce084

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:22:44 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 3117889
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1026
x-request-id: 875bddbb-956d-4e21-a56c-5444fc2e5e65
last-modified: Tue, 25 Apr 2023 15:43:40 GMT
etag: "e783d8f5e5a2491a1ebaf7a4a0eaaae1"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: A6W0qZlC1Jx9v4kTB7Lgj1F8dReKl6QeTBRQYCqpYVTOPgf8coqQHw==

GET
H2 200 e5d56974-c065-44d0-b4d2-35be9917c090_ESewzS8.png
media.insurance-portal.ca/section/ 1 KB
2 KB 207ms
57ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/section/e5d56974-c065-44d0-b4d2-35be9917c090_ESewzS8.png
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: c73bac037ca7c39290348cf914df999145ee6edbcbed17de02e757c78e30a7ae

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 11:56:22 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 5553071
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1070
x-request-id: f126326c-eb54-4e05-8925-98bd5d289abe
last-modified: Thu, 27 Apr 2023 17:23:25 GMT
etag: "330e4ecfe8d6b0e9680eae893011fe72"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: HRO2yq4988mKrXXdeMUFIM8nbjbCNEYTHia-xy-yJba--dPe-wK5Lw==

GET
H2 200 gavel_AdobeStock_336390674.jpg
media.insurance-portal.ca/covers/ 2 KB
3 KB 194ms
43ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/gavel_AdobeStock_336390674.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 224b0aafaa6587324af38bbab4a0eb10a092bdf26a0fa2ba1e2fa2bd70ba0990

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:00:06 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 358047
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2368
x-request-id: e83f5047-0cc2-4124-bd35-498610c37699
etag: W/"940-ZUpMVBB+t2PArJwjFWYMdRNAWK4"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: YfjObfAw3Wh0rzc1F7DguP0nQfBCHpCdOvIeufDbTWpX9Xg29agtgA==

GET
H2 200 graphs-charts-business-reports-pile-documents-business-concept.jpg
media.insurance-portal.ca/covers/ 5 KB
5 KB 199ms
49ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/graphs-charts-business-reports-pile-documents-business-concept.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: c7c20a589ec635e0491c693b29b45205d386f84552ba3fe229291f36cd9cfcf0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:05:59 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 357694
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4690
x-request-id: 4a504c18-bc67-4e78-bcf7-76adda8a69d2
etag: W/"1252-nLHt1SlmUHUrGEt85Bi8O17am5M"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: tEOSJBe_3WFA22bBXJC_YZQ76WQEbC0zPRt3qwefaK5BNlXME0Cs5Q==

GET
H2 200 security_AdobeStock_440609733.jpg
media.insurance-portal.ca/covers/ 4 KB
5 KB 196ms
46ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/security_AdobeStock_440609733.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 2b9a8bb914c05a19009ef09f74c2876aeb29f621056bfe7b3ba74cc626500c07

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 14:11:13 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 360980
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4288
x-request-id: cd75ee3d-f552-4b75-aacc-9bf1e597a93f
etag: W/"10c0-sswDoh71H32jvoCtYZvQlauyvog"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: VagMvWjUjwLZJhLXzWVCXebufSU-XJIMUXCmjgvibWBdXNuyCJ4WGw==

GET
H2 200 photo_web_3525.png
media.insurance-portal.ca/covers/ 5 KB
6 KB 100ms
98ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/photo_web_3525.png?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 88fab1cf3457c3c15d25a67502ff1f39ca70f5e2bc6b048ab673cf3021ccb76b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 15:12:51 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 11682
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5126
x-request-id: f0282d9f-46e9-4e67-834f-756ceff47dac
last-modified: Wed, 21 Jun 2023 15:04:48 GMT
etag: "78dbcd6c3b95bc241f0c31377b88486c"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 7GIfnG6e9EYLM1Cwc93E9KiMFMABua2h92_WOez3FW8MneHQS7db6A==

GET
H2 200 pensive_senior_man_33730.jpg
media.insurance-portal.ca/covers/ 3 KB
4 KB 78ms
76ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/pensive_senior_man_33730.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: a545c57c53ccadffafe24c6461465b9a9dfdb63b9035137d807a40febefac7cb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 13:29:13 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 1054700
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3572
x-request-id: dadfde4f-7ac3-4459-965d-2b3a16d6d794
etag: W/"df4-fhrFXtGBmKS/Q56nNTlx0wSZdYM"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: Swba_payi5xvOIIECv2FQqR-CY9e_59n3npsjCFNeoFxj249oRbKfw==

GET
H2 200 Capture_decran_le_2023-06-19_a_11.43.55.png
media.insurance-portal.ca/magazine/ 10 KB
11 KB 85ms
84ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/magazine/Capture_decran_le_2023-06-19_a_11.43.55.png?tr=w-230,h-300
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: b7f438d6a2e724b99739f1f11926cff479d31bb0f1b1674f9b24a7bc525999eb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 12:36:44 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 4254649
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10638
x-request-id: 6abb6243-bd7d-4519-82cf-f650102c8785
etag: W/"298e-ja84zOPlQX4OJcBA+d8N8CmouE4"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: KlLvDfvdWEmv10YtUjfuhDyogznGuKoRhh1YBzIoDaBurFt8NlgqTA==

GET
H2 200 wildfires_AdobeStock_221237845.jpg
media.insurance-portal.ca/covers/ 6 KB
6 KB 88ms
86ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/wildfires_AdobeStock_221237845.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 0ff0399249bbc0b7a26e83e095681e4ba6cd5f24f2f129fc56ff4da36828a257

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 15:07:19 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 530414
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5924
x-request-id: 93a22f07-ad20-47b1-b1f1-2cb0a81b7e0f
etag: W/"1724-vgJwT3pBkkXe1WB8Jt6cmZ9U9NI"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: hq1CI9auT7XOCDQ42rfvNuJEoK2xwQIJmc4hmz1IVCsAoebmPFtT-A==

GET
H2 200 people_AdobeStock_488529317.jpg
media.insurance-portal.ca/covers/ 7 KB
8 KB 102ms
100ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/people_AdobeStock_488529317.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 433343bcb0b711bc539e78baf3a531b7b741a8473750c5b3eefa1c9c0a8d7455

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 20:19:40 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 598073
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7366
x-request-id: e018bf09-aa53-4158-92c5-8a4cb2b6c155
etag: W/"1cc6-8EK9R3rKUh2xTgONdKOvKd2R7l4"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: mNTQDi_f4sJTVtXgb3KfzW-V54QQM2x72hetw8MVJgRX4GMoyXnKtg==

GET
H2 200 rope_AdobeStock_295699679.jpg
media.insurance-portal.ca/covers/ 3 KB
4 KB 94ms
92ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/rope_AdobeStock_295699679.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 81d15276474c69d703d6c0989041db81a09750157e8a85eb82e435b72812ef44

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 14:42:42 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 1827891
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3226
x-request-id: e8dfbe27-5f80-44ef-9c93-ac929dfcdeff
etag: W/"c9a-Me086v62u1xjrizKdC3J7GTM+TI"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 73AavPZWTBLI8DkkCVJffQHzX6QBTXz9GARiGJItye_Nvqx0bI8_jQ==

GET
H2 200 resultats_finance_down.jpg
media.insurance-portal.ca/covers/ 4 KB
5 KB 93ms
91ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/resultats_finance_down.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: d1a9e839a718f9cb7a1049e369565428f6a3ace503349c150e645190ee66a541

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 18:06:27 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 3111666
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4368
x-request-id: 503a0d04-7860-4621-90e5-095582b62b86
last-modified: Wed, 21 Jun 2023 08:18:42 GMT
etag: "d72de9a515ad5d6dd83977c2393fe871"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 7eh4WmuIIt5hzBnU_Dk_zFMNOklhoZ-XbtKw7c7lZsIlsKai4kDgeg==

GET
H2 200 pharmacien_pharmacie.png
media.insurance-portal.ca/covers/ 4 KB
5 KB 89ms
88ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/pharmacien_pharmacie.png?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 8bc777b35ac7a759c23f3c55152ea4a342161f67faa3184b03cb9cfb71b9c319

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 14:52:33 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 444900
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4240
x-request-id: 139ffe14-a7f2-42eb-af89-81eb10dc6019
etag: W/"1090-MzDkoGhkyeCIH99Rn+fX3CEzfv8"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: VbBORavo6QtBROLCvZY_1YtftfFwFReTE-E5exgvTHzlMl7Q7STI9A==

GET
H2 200 pills_AdobeStock_386838825.jpg
media.insurance-portal.ca/covers/ 3 KB
4 KB 105ms
103ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/pills_AdobeStock_386838825.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 19fed2d10e538f3f1c94e8f16e9f42b3cabaccb941245885a7d116d0efa4ee2b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 15:11:36 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 616557
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3384
x-request-id: 0b2d84a0-dd25-40e7-9bc4-d20fa3706d44
etag: W/"d38-XjkapHCvgP0f7ysm/U+mv/QdU2s"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: zNqAjvjaqB2R6lTKn-1iQPaKgRcBs7CWtep9Jsvd2KZQE3lN2WmHAg==

GET
H2 200 habib_goulet_2023_web.jpg
media.insurance-portal.ca/covers/ 8 KB
8 KB 98ms
96ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/habib_goulet_2023_web.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 4e32138ed92a56df8c0de9953f3dccca904d457bcabf4cbf8907bffa2fe7a192

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:57:22 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 963011
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7784
x-request-id: 7796cbe8-851c-4378-ad6b-66df0981f276
etag: W/"1e68-1fIVkoVOF/nngNADILwG+4OLP08"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: UGTMbvUH1oIdkpdOvsU6pJrR3svpkFoXj75c2YWJeU20NykdfHhoRg==

GET
H2 200 piggy-bank_AdobeStock_572646920.jpg
media.insurance-portal.ca/covers/ 2 KB
3 KB 95ms
93ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/piggy-bank_AdobeStock_572646920.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: 6fb1cc9a92e5e0c71ff6ac4710bf7eef9af080d4bc43c49939ccbd9f49eb6d95

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 14:52:22 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 444910
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2236
x-request-id: 825dd2f6-986f-4a3d-a130-1983c3fd7afd
etag: W/"8bc-XhJLFSbdqSx2xWEQs+G1ca0geTw"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: VRzgXsvHrEX1JunKcJdIk4OZ4JC3HbwOhMgCKfvWjKirCkZWE2XQUQ==

GET
H2 200 calcul_AdobeStock_478402904.jpg
media.insurance-portal.ca/covers/ 3 KB
3 KB 105ms
103ms Image
image/webp 18.154.227.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.insurance-portal.ca/covers/calcul_AdobeStock_478402904.jpg?tr=w-200
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-85.iad55.r.cloudfront.net
Software: /
Resource Hash: b49c051673a713cbc19823af69be1eb0681c806b310fb342fa036851ca035470

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 13:53:42 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
age: 534831
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2922
x-request-id: 5ebb9092-7e99-41b9-8d84-72ac14b41126
etag: W/"b6a-PmctGegDvtdXi7WYl/ktGSHIY3A"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 1ZMNsDa_f9pvsEaPoXtnX4e7pnyFc5s7Quw_5cbv8Eoqv8oMkimK8A==

GET
H2 200 new-sm-en.png
static.portail-assurance.ca/dist/images/comparator/ 790 B
1 KB 48ms
46ms Image
image/png 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.portail-assurance.ca/dist/images/comparator/new-sm-en.png?tr=w-39

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d578a24caeb97b0110a0708eee108674a5daeed8e37490f0dc39ec0af9c37443

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dcb3f78-0064d12199-7170e244-nyc3c
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 790
last-modified: Mon, 25 Jan 2021 20:51:44 GMT
server: cloudflare
etag: "259fc89e311389104407120aa8b449ae"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691427225.cdn4-pxy007-yyz02.tr2.ev,1691427225.cds201.tr2.pr
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI2yCKPyPhlxyYytH4UrfORVIHPmHddON5zzIHVHFmgmAMrFSokH9KezpGGeE%2F3m4L4nGapulTYIUbsRvqS7hbi5jE4egHrqGt0zO3OsxeGCgJyFbLBm6esrykYe05WH2YyaSL3k9geAP0YVhO8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=120
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 7f39d06548c3a1fe-YYZ
x-amz-meta-mtime: 1608834305

GET
H2 200 email-decode.min.js Show response
insurance-portal.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
27ms Script
application/javascript 104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-portal.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://insurance-portal.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Aug 2023 16:29:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64cd2768-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq4XbQKbrbWEBasZuWBhrswiwWt757B8N%2FhLu88z1SBYSuNJSx%2FB53i6wg%2F2v4MOCwLm3LxlWhK11AtEPVY85ILvtPxO1QwRaszSZF0Ho1Dyip6k6U6i6IL48L4I7MWqrNG1SDXd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f39d064efbd39cc-YYZ
expires: Thu, 10 Aug 2023 18:27:33 GMT

GET
H2 200 integrated-promotions.js Show response
static-portail-assurance.nyc3.digitaloceanspaces.com/dist/integrated-promotions/ 523 KB
524 KB 57ms
55ms Script
application/javascript 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://static-portail-assurance.nyc3.digitaloceanspaces.com/dist/integrated-promotions/integrated-promotions.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

33b7851714cb0c09581c8fdcf3883ede1245f0ba49ec961c9df70494c59cb3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 29 May 2023 21:03:59 GMT
x-amz-request-id: tx000000000000061f0683c-0064d28915-7170e244-nyc3c
etag: "dda23bb7f19e9802c3edd05bbc10e6eb"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=86400
accept-ranges: bytes
content-length: 536037

GET
H2 200 js.cookie.js Show response
static.portail-assurance.ca/js/ 3 KB
2 KB 41ms
40ms Script
application/javascript 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/js/js.cookie.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c10e0ac1a112a02ed70d238679fd6d8c6281b0176376d1291e5be6aa77839a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dc89026-0064d120bf-716fe6ea-nyc3c
age: 4749
cf-polished: origSize=3886
surrogate-control: max-age=86400;hw-h2proxy
x-envoy-upstream-healthchecked-cluster
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 25 Jan 2021 20:51:21 GMT
server: cloudflare
etag: W/"8ff1c89f24a8ca6f91f77389a0b70449"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1691427794.cdn4-pxy210-yyz02.tr2.ev,1691427794.cds002.tr2.c
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ou1dJ89y8A7q9iqO%2FrWbPx3iyOv7FfyJXnX1yrcYyfV4y1wQrikKMK3TtI%2B6RI3nXs%2FhfYjcf6C0MOAOim3veOnEkssAlgdqwuVjGPpPojdzXU%2BpW9jaIH%2BCJtsueuTa%2F7O8xcJ5sbZs0FTZijw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-rgw-object-type: Normal
cf-ray: 7f39d0651884a1fe-YYZ

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
70 KB 157ms
73ms Script
application/javascript 142.250.80.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLS244N

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.72 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4a084f2aa2d0eab1b6aa5bfccec41ef03ae9e31601e10967529e1a207ffa8acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71302
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Aug 2023 18:27:33 GMT

GET
H2 200 sa.js Show response
sibautomation.com/ 8 KB
3 KB 103ms
38ms Script
text/javascript 104.18.31.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=szl8zd6t6rzdekt2bv6xx
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: 473950091570c62c77f0244b51747b715f0568fcd28f9abe0497ef5d198bdb17

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 4785
cf-polished: origSize=11426
etag: W/"2ca2-5FhPcvMa+9xLsQUirqQJ+HEcTLA"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 7f39d065db17ab3d-YYZ
expires: Tue, 08 Aug 2023 18:28:33 GMT

GET
H3 200 Graphik-Medium.otf
static.portail-assurance.ca/fonts/graphik/ 134 KB
135 KB 105ms
49ms Font
application/octet-stream 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/fonts/graphik/Graphik-Medium.otf

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insurance-portal.ca/
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dd0fcaa-0064d12365-71719a96-nyc3c
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 137664
last-modified: Mon, 25 Jan 2021 20:51:33 GMT
server: cloudflare
etag: "e22e3d7ea60d4fefb8c405da47136ab7"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-hw: 1691427685.cdn4-pxy207-yyz02.tr2.ev,1691427685.cds009.tr2.pr
cache-control: max-age=120
x-rgw-object-type: Normal
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uehCH33B%2FaySEy12R1%2Fe%2FwrsqKNl8lkkT1ON2BBqgUn1SD5fyEHfk%2BEKm7heFQfj2cTwf5N3BUSwDW6%2F7PNt2TLthVw0zLMwk3f2apvhgUOLLFp2qd5PMDq60S1p5dRXaxafJQHhQzvcPKMag5s%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7f39d065adb3a1e1-YYZ
priority: u=0,i=?0
x-amz-meta-mtime: 1608834393

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 46ms
45ms Font
font/woff2 172.64.103.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3NTABDW7D8NWHVZK
age: 2597963
alt-svc: h3=":443"; ma=86400
content-length: 79100
x-amz-id-2: yIFNTAaK/NkFmN4p1gA2i4ydeyvj/PMTaSLRQrzHXre8WxfGsou3efwUasonVTAQwe3fVVmlUvep8pDyum+eQA==
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WY%2BlrWYqANjYobT55RlU4G576VLSe7vI1%2BpjGvv9V3jAFGyP2nqf0RX94F3Uzd7j0%2BubVN72LYeo2iWm0W9CNgM0m0vZ6ZwI8SFQ3%2BHJ0Y5hwORy6pjl%2BKdoB%2FwNgaC2GEqIGXep"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39d0655fba4345-EWR

GET
H3 200 Graphik-Regular.otf
static.portail-assurance.ca/fonts/graphik/ 128 KB
129 KB 237ms
181ms Font
application/octet-stream 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/fonts/graphik/Graphik-Regular.otf

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insurance-portal.ca/
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dd0fb49-0064d12365-71719aaa-nyc3c
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 131204
last-modified: Mon, 25 Jan 2021 20:51:33 GMT
server: cloudflare
etag: "8a2ef63e3b42cb6897b5fabbe79044fc"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-hw: 1691427685.cdn4-pxy205-yyz02.tr2.ev,1691427685.cds203.tr2.pr
cache-control: max-age=120
x-rgw-object-type: Normal
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S81GS1b1i85glzia%2Fve63V0ZoYYtPt1bf9rUVPJqb21yBl1VsN1ylfxVOZJesOd%2FPPnCX9542O1e60N324lugKsnCWhWUHebxT1LDEuJhMRxfTLvOsc3WNMx7t5HvwqiuR%2BxzDJJ9w%2FvbkXBNAE%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7f39d065adb7a1e1-YYZ
priority: u=0,i=?0
x-amz-meta-mtime: 1608834398

GET
H3 200 Graphik-Semibold.otf
static.portail-assurance.ca/fonts/graphik/ 135 KB
136 KB 206ms
150ms Font
application/octet-stream 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/fonts/graphik/Graphik-Semibold.otf

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insurance-portal.ca/
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dd0fc12-0064d12365-716fe6ea-nyc3c
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 138448
last-modified: Mon, 25 Jan 2021 20:51:33 GMT
server: cloudflare
etag: "3e7ad92094c9b412a8ca3d1bcc4a675b"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-hw: 1691427685.cdn4-pxy212-yyz02.tr2.ev,1691427685.cds213.tr2.pr
cache-control: max-age=120
x-rgw-object-type: Normal
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GD79ecRXB0XaJ2piKq0nCfvdoVo0iWkkoOuI%2FC0d15IXRHch5nMMXAw8jvwBLqN8pRX5L7%2FsIFioaWYY4tkju%2FPrV1FSauPF3Xa4VfuaAptxFgJ5AWlmNwPMBvgPpF6PObyo%2Bwk%2FW9OC%2FxFZyc%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7f39d065adb4a1e1-YYZ
priority: u=0,i=?0
x-amz-meta-mtime: 1608834393

GET
H2 200 buE4poGnedXvwjX7fmQ.woff2
fonts.gstatic.com/s/tinos/v24/ 27 KB
28 KB 129ms
37ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX7fmQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tinos:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:16:11 GMT
x-content-type-options: nosniff
age: 407482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 01:16:11 GMT

GET
H3 200 Graphik-Bold.otf
static.portail-assurance.ca/fonts/graphik/ 136 KB
137 KB 229ms
174ms Font
application/octet-stream 172.67.193.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.portail-assurance.ca/fonts/graphik/Graphik-Bold.otf

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insurance-portal.ca/
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000005dd0fd3b-0064d12365-716fb840-nyc3c
surrogate-control: max-age=60;hw-h2proxy
alt-svc: h3=":443"; ma=86400
content-length: 139708
last-modified: Mon, 25 Jan 2021 20:51:33 GMT
server: cloudflare
etag: "54775fd24e57ef5d8bb843d747f6852a"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-hw: 1691427685.cdn4-pxy004-yyz02.tr2.ev,1691427685.cds224.tr2.pr
cache-control: max-age=120
x-rgw-object-type: Normal
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN0E1VLhfN0nUQciwHHy4tkf%2BSIFTBGvK9LUY28nXZZD5MvKjfKiTdEWSDHloVxVUVVgvbHc%2BxLD%2BThInGvdjn5ynqlEXbVwW%2BC7HEVYn9GN68GP%2BiNUJH2zmttYwty0ICxGfPW6pfbUWV0PMeI%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7f39d065adb6a1e1-YYZ
priority: u=0,i=?0
x-amz-meta-mtime: 1608834394

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 68ms
67ms Font
font/woff2 172.64.103.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.103.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3NT95N5E3BVAK1HX
age: 2597963
alt-svc: h3=":443"; ma=86400
content-length: 74288
x-amz-id-2: IQud9VJHUFhSQFXaggFRUBdfnF/+x2noFAHYlU57K1joMY+m0g0wPxgDgQFoybx/gwkfoL/tV2bZ9tt2tccPhg==
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Udb6ElxMogWcMM4NKLdnJnOjljlMfNhbXV5CgWEMRIbQIKEDCo51fD27Ub56DKUzUZdqh79cBa3N3o0KIauFVOsMc5l7g6%2B4Fvwmn7ccmuotvVuCXP2eO5GEK1E5TDdRRe2NMV%2B"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f39d0658ff74345-EWR

GET
H2 200 custom.json Show response
rdc.m32.media/adops/custom_files/insurance-portal.ca/ 1 KB
1 KB 76ms
26ms XHR
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rdc.m32.media/adops/custom_files/insurance-portal.ca/custom.json

Requested by

Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

aedc01bd857380894c53d93655cf5076b5e211a61487e4789de9d652fa1fca36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 33603
x-guploader-uploadid: ADPycdt4x6kJ9kZ2sJJwlesWZUAA57NsbizGoRVhDD1f7HvbbYSgySFxFezbIliMd6ig0hgvSaK-HMzMSZjYmg2jZLDECXZgT-wm
x-cache: MISS, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 542
x-served-by: cache-yul12822-YUL, cache-yyz4566-YYZ
last-modified: Tue, 08 Aug 2023 09:06:44 GMT
server: UploadServer
x-timer: S1691519253.472191,VS0,VE1
etag: "d1aab3be9d45f809da08ebe5b8cc169c"
vary: Accept-Encoding
x-goog-generation: 1691485604502142
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=rJ5w0A==, md5=0aqzvp1F+AnaCOvluMwWnA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 1195
x-amz-checksum-crc32c: rJ5w0A==
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 cm.html Show response
sibautomation.com/ Frame D9D4 2 KB
1 KB 50ms
49ms Document
text/html 104.18.31.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?key=szl8zd6t6rzdekt2bv6xx
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=szl8zd6t6rzdekt2bv6xx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: b07a8e8780a8e9d792c410eac950ae4bf41ada78b9e07128dae53f8a0323faa2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
age: 20775
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 7f39d0662b5aab3d-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 18:27:33 GMT
expires: Tue, 08 Aug 2023 20:27:33 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2

200

sib-conversations.js Show response
conversations-widget.brevo.com/
Redirect Chain

https://conversations-widget.sendinblue.com/sib-conversations.js
https://conversations-widget.brevo.com/sib-conversations.js

68 KB
16 KB

113ms
44ms

Script
text/javascript

104.18.12.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations-widget.brevo.com/sib-conversations.js
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Server: 104.18.12.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151e819a76cfc3dbf8987102b5fadeab723fbbf91ec62dada233f3802d270ed6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 12:43:59 GMT
server: cloudflare
age: 810
etag: W/"10f16-189d0069298"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray: 7f39d0678e2d3700-YYZ

Redirect headers

location: https://conversations-widget.brevo.com/sib-conversations.js
date: Tue, 08 Aug 2023 18:27:33 GMT
cache-control: max-age=3600
server: cloudflare
cf-ray: 7f39d0668bee39db-YYZ
vary: Accept-Encoding
expires: Tue, 08 Aug 2023 19:27:33 GMT

GET
H2 200 script.js Show response
sb.freeskreen.com/publisher/ 71 KB
21 KB 192ms
79ms Script
text/html 3.233.58.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/publisher/script.js?bai=178&ut=&uts=&windowlocation=https%3A%2F%2Finsurance-portal.ca%2F&usp=&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/178/freeskreen.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.58.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-58-220.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6d39a17caaa2d0b379e84ee320978e4dae41ca5482fb924ed93a2c4ef1bda121

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 21212
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ 434 KB
175 KB 128ms
39ms Script
text/javascript 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.163 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://insurance-portal.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178086
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Aug 2024 17:16:22 GMT

POST
H3 200 / Show response
insurance-portal.ca/marketing/api/integrated-promotion/retrieve/ 2 B
463 B 116ms
115ms Fetch
application/json 104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-portal.ca/marketing/api/integrated-promotion/retrieve/

Requested by

Host: static-portail-assurance.nyc3.digitaloceanspaces.com
URL: https://static-portail-assurance.nyc3.digitaloceanspaces.com/dist/integrated-promotions/integrated-promotions.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://insurance-portal.ca/
accept-language: en-CA,en;q=0.9
X-CSRFToken: Aosj1iDX5115rTzhxlxsezZQkaJdP9uhid75kTxa1mT3B5iiywtSmxiQmVXgL2Ul
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Cookie
content-type: application/json
allow: POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BW%2FGISsYc2LmvCIZ8RsQmo%2FpziYK05bndP5CraD3gokUnoC6gk%2FOu4VCDp%2BohYzDw%2FsiaC5WWMgY9aD0GNZOoBpqaVNvRVlNJ1k%2F31vowNRqZP70Pf%2F1XWI6s1MBfdDDiUaIpjN8"}],"group":"cf-nel","max_age":604800}
cf-ray: 7f39d0667e57a235-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3

200

invisible.js Show response
insurance-portal.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/ Frame A4BC
Redirect Chain

https://insurance-portal.ca/cdn-cgi/challenge-platform/scripts/invisible.js
https://insurance-portal.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

7 KB
4 KB

32ms
31ms

Script
application/javascript

104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insurance-portal.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Server

104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5000979048c5ef2dd5c9ea59247084dd30a823a50c86ce389cd535e74c224c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EeL4bucb15epcBw7RJJgw0DVCmKlXga3M9EWVadcIXuIKXWoJrLVbsLHpiO3JmdDMtbV42QmNfebhJOtwG56Tt%2Fq66VPvxuFUHnqN1aAhSFB0GB1I%2BMT1b4BXiRhR8a7a7YH88z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f39d0671f26a235-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 08 Aug 2023 18:27:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2woSHApQhuX6V9cW7%2Fg8qXyMu2Y%2BbiRX1H1yV%2Bj%2Bjl19DgszO7uQr1i0ndVM%2BmGso948lR1FLRyNfA9HkMRFpNNQC5kxpNG%2Bpq8OKkIrV3ezk1Cy63u8ZeVaVSj0K33qRY0KnL6E"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7f39d0669e8ba235-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 s.js Show response
insurance-portal.ca/cdn-cgi/zaraz/ 6 KB
3 KB 40ms
40ms Script
text/javascript 104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance-portal.ca/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJTIwJTIwSW5zdXJhbmNlJTIwUG9ydGFsJTIyJTJDJTIyeCUyMiUzQTAuODY3MzkwMDM3MTI2MTMzNiUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGaW5zdXJhbmNlLXBvcnRhbC5jYSUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmV2ZW50JTIyJTJDJTIyc3RhcnRfcHclMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60ee76fe55ca8e6b4e892be93474dcb8544c5b5ac5154c58ddda3e3b9d50d94

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://insurance-portal.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://insurance-portal.ca
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyIIi25GHpN9baFbQmg%2B0QCsqTdaX1TCFMee%2FgF7%2Bm11RXGTQDIYrdtmF5oKYI1ejUyRGkqhnLLd5EcmlgTAJQDMw6XG%2FV2Q0e1TOY2cGxoIlHVjFCTZcXPjiLC3WOKU7KnX%2FbPc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7f39d066ded2a235-YYZ
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 159ms
60ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

27b9543ca24dae3aaa8ada97fb00da54a154ffd448c337159ceaeacddea22b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27834
x-xss-protection: 0
server: cafe
etag: 826 / 19577 / m202308030101 / config-hash: 11967403657897501401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:27:33 GMT

GET
H2 204 cm Show response
in-automate.brevo.com/ Frame D9D4 0
108 B 142ms
74ms XHR
text/plain 104.18.13.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/cm?uuid=d7a1cc36-030a-4dc8-9733-81951271cd2a&key=szl8zd6t6rzdekt2bv6xx&cuid=bffd6700-ff2c-4a3e-9aa7-08aa464f4781
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=szl8zd6t6rzdekt2bv6xx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sibautomation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 18:27:33 GMT
cache-control: no-cache
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7f39d067bcfa5419-YYZ

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
39ms Script
text/javascript 172.217.13.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLS244N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 16:37:29 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6604
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 08 Aug 2023 18:37:29 GMT

GET
H2 200 hotjar-1643280.js Show response
static.hotjar.com/c/ 10 KB
4 KB 207ms
119ms Script
application/javascript 18.160.41.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1643280.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLS244N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-49.iad55.r.cloudfront.net

Software

Resource Hash

92daaeec818ed75a42a2e37409d0c7c3e9ff8158a24492bae77c83aafb9c1306

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 18:27:33 GMT
via: 1.1 5b2c25375d693d0fb882145cde66154e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/d9a793c5471a55aee9714ab54055a6d4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: FSjY-x89rAWzm07577nT9mIdmjARdicb2kk5fzskgqLQwg2iy2ad_g==

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 136ms
47ms Script
application/x-javascript 18.165.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=7AE86453F3B095A2F9CDF9450E9B5DF4
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-98-32.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 20:14:40 GMT
content-encoding: gzip
via: 1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront)
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P4
age: 79974
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=86400
x-amz-cf-id: Sn39D-alU-l6hvA8hz-Z966BHa4wHx5oirACkZXra-a8_zZ5oSOiWg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
87 KB 76ms
76ms Script
application/javascript 142.250.80.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T179X7HBHY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLS244N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.72 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5a0b1f3b7f41a6673a4cb1e737322e711ad7d32097d163ecc9439c52bede6ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 08 Aug 2023 18:27:33 GMT

POST
H3 200 t Show response
insurance-portal.ca/cdn-cgi/zaraz/ 244 B
676 B 39ms
39ms Fetch
application/json 104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance-portal.ca/cdn-cgi/zaraz/t
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJTIwJTIwSW5zdXJhbmNlJTIwUG9ydGFsJTIyJTJDJTIyeCUyMiUzQTAuODY3MzkwMDM3MTI2MTMzNiUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGaW5zdXJhbmNlLXBvcnRhbC5jYSUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmV2ZW50JTIyJTJDJTIyc3RhcnRfcHclMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1c3def6d811809d0841cce85e937b8c35d438dd8bc63c39fb004d6c320d9f43

Request headers

Referer: https://insurance-portal.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://insurance-portal.ca
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbRKFSy5M9nW1T5xNn%2FL6YA1FpxK09dykYuSnhKsPPwSb2mXQ62o86%2B9Ec3vPwLayi%2F7LGx4senMX2jS0hTPcM%2Ff%2FXZES4JL%2FuVhGqE%2FN8PW%2BYc4fHao3mhZIL0XSXgkFVLhJ8pG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7f39d0678faea235-YYZ
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400

POST
H3 200 7f39d0582cb439cc Show response
insurance-portal.ca/cdn-cgi/challenge-platform/h/g/cv/result/ Frame A4BC 0
558 B 46ms
45ms XHR
text/plain 104.21.24.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insurance-portal.ca/cdn-cgi/challenge-platform/h/g/cv/result/7f39d0582cb439cc
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.24.187 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQPyqZHhbF3hKI2jgs66WUEFsMezjB8vX10ToCj2zf%2BjCMeMqqOro%2Fj%2F5mcvSuxJXgBlHhaHxM%2Fq1TfCwTOPDHk%2B7mghnY3bG7Bc0BjIusXl7RVV1VL7z76tmpB%2Fyq4mIfMZ%2FMU%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f39d06828c1a235-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
conversations-widget.brevo.com/ Frame 4D4E 1 KB
1 KB 48ms
48ms Document
text/html 104.18.12.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://conversations-widget.brevo.com/?isModern=true

Requested by

Host: conversations-widget.sendinblue.com
URL: https://conversations-widget.sendinblue.com/sib-conversations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.29 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18f6a026cfab715969dece7140ab61f5e448b7e10c3c5821de1b67628b2e8a6

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://d13sozod7hpim.cloudfront.net; child-src 'none'; img-src https://d13sozod7hpim.cloudfront.net 'self' data: blob: https://ucarecdn.com; connect-src 'self' data: https://upload.uploadcare.com ws://conversations-widget.brevo.com/ wss://conversations-widget.brevo.com/; style-src 'self' 'unsafe-inline' https://d13sozod7hpim.cloudfront.net; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1626
cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800
cf-cache-status: HIT
cf-ray: 7f39d0686f5a3700-YYZ
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://d13sozod7hpim.cloudfront.net; child-src 'none'; img-src https://d13sozod7hpim.cloudfront.net 'self' data: blob: https://ucarecdn.com; connect-src 'self' data: https://upload.uploadcare.com ws://conversations-widget.brevo.com/ wss://conversations-widget.brevo.com/; style-src 'self' 'unsafe-inline' https://d13sozod7hpim.cloudfront.net; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
content-type: text/html; charset=utf-8
date: Tue, 08 Aug 2023 18:27:33 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 2 KB
2 KB 226ms
49ms Script
application/javascript 23.105.12.131
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=1673027577&out=js
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=178&ut=&uts=&windowlocation=https%3A%2F%2Finsurance-portal.ca%2F&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.131 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: eec64cc1e5caf8f9453cbdd5fa591ead419508677e20afbe0101886f8e77e4fe

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: application/javascript; charset=UTF-8
x-smrt-i: 7974420
cache-control: no-cache,no-store

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7CED
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

281 B
554 B

1564ms
73ms

Document
text/html

96.16.25.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=178&ut=&uts=&windowlocation=https%3A%2F%2Finsurance-portal.ca%2F&usp=&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-25-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 18:27:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 08 Aug 2023 18:27:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
server: AkamaiGHost

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
https://sb.freeskreen.com/um?sa=269243825164727293

43 B
432 B

45ms
44ms

Image
image/gif

3.233.58.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?sa=269243825164727293
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Server: 3.233.58.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-58-220.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:34 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?sa=269243825164727293
pragma: no-cache
date: Tue, 08 Aug 2023 18:27:33 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://sb.freeskreen.com/um?tlr=f6a45386672a47f6a81390512cf1b75b

43 B
449 B

44ms
44ms

Image
image/gif

3.233.58.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?tlr=f6a45386672a47f6a81390512cf1b75b
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Server: 3.233.58.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-58-220.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:34 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

location: https://sb.freeskreen.com/um?tlr=f6a45386672a47f6a81390512cf1b75b
date: Tue, 08 Aug 2023 18:27:34 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
https://sb.freeskreen.com/um?ac=97cb94d2-6bc5-4759-8dca-3c7dfe8988e8

43 B
615 B

52ms
52ms

Image
image/gif

3.233.58.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ac=97cb94d2-6bc5-4759-8dca-3c7dfe8988e8
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Server: 3.233.58.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-58-220.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:37 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 18:27:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://sb.freeskreen.com/um?ac=97cb94d2-6bc5-4759-8dca-3c7dfe8988e8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://loadeu.exelator.com/load/?p=204&g=1300&j=0
https://loadeu.exelator.com/load/?p=204&g=1300&j=0&xl8blockcheck=1
https://sb.freeskreen.com/um?ni=032c4a1ac23ea34c7bbc0317d15911f1

43 B
489 B

44ms
44ms

Image
image/gif

3.233.58.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ni=032c4a1ac23ea34c7bbc0317d15911f1
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Server: 3.233.58.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-58-220.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:34 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

date: Tue, 08 Aug 2023 18:27:34 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sb.freeskreen.com/um?ni=032c4a1ac23ea34c7bbc0317d15911f1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/ 400 KB
127 KB 39ms
38ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15503
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129393
x-xss-protection: 0
server: cafe
etag: 2294886439466480038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 07 Aug 2024 14:09:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 440 B
249 B 130ms
53ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=insurance-portal.ca

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

26e38df63dc9fab4c193192c23354f7723d7a397217996ae3d26895289c55be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 224
x-xss-protection: 0
expires: Tue, 08 Aug 2023 18:27:33 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 369ms
47ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-T179X7HBHY&gtm=45je3820&_p=1319640972&_gaz=1&cid=1140464051.1691519254&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691519253&sct=1&seg=0&dl=https%3A%2F%2Finsurance-portal.ca%2F&dt=Insurance%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T179X7HBHY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 1149ms
53ms Ping
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T179X7HBHY&cid=1140464051.1691519254&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T179X7HBHY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 1160ms
61ms Image
image/gif 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T179X7HBHY&cid=1140464051.1691519254&gtm=45je3820&aip=1&z=2027770754

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 62ms
61ms XHR
text/plain 172.217.13.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1319640972&t=pageview&_s=1&dl=https%3A%2F%2Finsurance-portal.ca%2F&ul=en-us&de=UTF-8&dt=Insurance%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=565930105&gjid=795768022&cid=1140464051.1691519254&tid=UA-11360833-13&_gid=1629682683.1691519254&_r=1&_slc=1&gtm=45He3820n81TLS244N&z=1149973454

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 82d9b6d0874aef543d58b0cfabdee2fd765c8c3f.css
d13sozod7hpim.cloudfront.net/jscss/ Frame 4D4E 83 KB
15 KB 1148ms
47ms Stylesheet
text/css 13.225.66.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d13sozod7hpim.cloudfront.net/jscss/82d9b6d0874aef543d58b0cfabdee2fd765c8c3f.css?meteor_css_resource=true
Requested by: Host: conversations-widget.brevo.com
URL: https://conversations-widget.brevo.com/?isModern=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-62.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8f3d2b681ec607484c3c0d589d186edf7a56c57e0a531c27f115433a876315b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://conversations-widget.brevo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 04 May 2023 11:13:06 GMT
content-encoding: gzip
via: 1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
last-modified: Wed, 03 May 2023 12:47:35 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 8320470
etag: W/"ff9443d97acbbc5a2b944fd19b9e263f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: e10N1y27q8R7a7Fe7onWr9QAOTLj7cdKJYYWKAKUM0sEIayZ0QjZDA==

GET
H2 200 meteor_runtime_config.js Show response
conversations-widget.brevo.com/ Frame 4D4E 610 B
609 B 36ms
36ms Script
application/javascript 104.18.12.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations-widget.brevo.com/meteor_runtime_config.js?hash=326de1f86235d6fb3e3236b32fd453c5f825709a
Requested by: Host: conversations-widget.brevo.com
URL: https://conversations-widget.brevo.com/?isModern=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d03b5c8aae5c43ea4db3256862acd17208b28cf9d4cd9737646702ad147a13

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://conversations-widget.brevo.com/?isModern=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:33 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 9
etag: W/"cb42a54b82519c729de5eff44186d8138ecae63f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7f39d068d82c3700-YYZ

GET
H2 200 4daf2124c8c48179233c246e04638a299ccbbae3.js Show response
d13sozod7hpim.cloudfront.net/jscss/ Frame 4D4E 1020 KB
301 KB 1169ms
68ms Script
application/javascript 13.225.66.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d13sozod7hpim.cloudfront.net/jscss/4daf2124c8c48179233c246e04638a299ccbbae3.js?meteor_js_resource=true
Requested by: Host: conversations-widget.brevo.com
URL: https://conversations-widget.brevo.com/?isModern=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.66.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-66-62.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9fa49c6662d0b48a1df31b485e30e53aaaee80fc8704cb5813a8c03d2a4f7b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://conversations-widget.brevo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 10:06:58 GMT
content-encoding: gzip
via: 1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
last-modified: Mon, 12 Jun 2023 09:42:39 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 4954838
etag: W/"30d3ba98fcc825ba16e2c599ae4149a8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: KF83oxghHhjTJwmf1VNsuZReB8HcvTYC-faWBk8MpgX20jfU-ipk4Q==

GET
H2 204 p Show response
in-automate.brevo.com/ 0
34 B 77ms
77ms XHR
text/plain 104.18.13.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=szl8zd6t6rzdekt2bv6xx&cuid=bffd6700-ff2c-4a3e-9aa7-08aa464f4781&ma_url=https%3A%2F%2Finsurance-portal.ca%2F&sib_type=page&ma_title=Insurance%20Portal&sib_name=Insurance%20Portal&ma_referrer=&ma_path=%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=szl8zd6t6rzdekt2bv6xx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 18:27:33 GMT
cache-control: no-cache
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7f39d068de985419-YYZ

GET
H2 200 modules.92ff9978854791af68a7.js Show response
script.hotjar.com/ 223 KB
55 KB 3216ms
72ms Script
application/javascript 13.249.39.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.92ff9978854791af68a7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1643280.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.39.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-39-105.iad89.r.cloudfront.net

Software

Resource Hash

f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 15:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f88487c9214731db4c82619c9183bf7a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
age: 443610
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55640
last-modified: Thu, 03 Aug 2023 15:13:59 GMT
etag: "9e14d47807cbae60a1fa1410419e20a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: s98ldYRumPJOgxfXwLlGZQuPjHBqMPpRw83vLTkpkthhb_A7iqocxA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 1073ms
52ms XHR
text/plain 142.251.111.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11360833-13&cid=1140464051.1691519254&jid=565930105&gjid=795768022&_gid=1629682683.1691519254&_u=YADAAAAAAAAAAC~&z=435498286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 08 Aug 2023 18:27:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3F44
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

1489ms
78ms

Document
text/html

96.16.25.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: ww1772.smartadserver.com
URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=1673027577&out=js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-25-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 08 Aug 2023 18:27:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 08 Aug 2023 18:27:34 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H2 200 / Show response
fastlygeo.m32.media/ 179 B
306 B 34ms
24ms XHR
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlygeo.m32.media/
Requested by: Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 09431cbec93e9ecc2f2f3b83c918c0a37cfea19b36904af83404a5478dfe5480

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-yyz4566-YYZ
date: Tue, 08 Aug 2023 18:27:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1691519254.108045,VS0,VE0
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 179
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 822ms
41ms Script
text/javascript 99.84.223.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.223.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-223-47.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 08 Aug 2023 09:10:37 GMT
Via: 1.1 837618b47e5c2bb0a75ec63765498424.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD79-C1
Age: 33418
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: uHxWiFXb93euBzx2kod7All3ayW9-MnsIgB0Is5PtdFoWuhauOTmfg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 828ms
49ms Script
text/javascript 18.160.46.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-100.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 11:15:11 GMT
content-encoding: gzip
via: 1.1 941f9399edc1f082afabdbb29c8909b8.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 25944
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 8GLcRXhXEmYouMkgQtg0w_lkOFP0LXh_-nOY_zFzaOLw7hKCetM3ug==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 814ms
36ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: EDTJXRM1BKSGX3QS
age: 1772
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f39d06f6dc83739-YYZ
x-amz-id-2: s8riB6nH6ro+dgASts487Ik/Qc/17drWGNFaphalRo56tyRsywdqX+PImzrq80ledbekx2S6ugyO/0j2MJCX9w==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
815 B 25ms
25ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Aug 2023 18:27:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25641
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4534-YYZ
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
26 KB 1326ms
1325ms XHR
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1930661422729132&correlator=1031396997959042&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=21658289790%3A1051950%2Cinsuranceportal%2Csearch&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&ifi=1&didk=632894925&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691519254156&lmt=1691519254&adxs=315&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Finsurance-portal.ca%2F&frm=20&vis=1&psz=0x0&msz=970x0&fws=132&ohw=1600&ga_vid=1140464051.1691519254&ga_sid=1691519254&ga_hid=1319640972&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhf2ds50xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF_Z2znTFIAFICCGQSGQoKcHViY2lkLm9yZxiF_Z2znTFIAFICCGQSGQoKdWlkYXBpLmNvbRiE_Z2znTFIAFICCGQ.&dlt=1691519253044&idt=889&prev_scp=tile%3D0&cust_params=title%3D--Insurance-Portal%26full_title%3D--Insurance-Portal%26title_40%3D--Insurance-Portal&adks=3602724501

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

0097a633ba6c1deb005254e2daff842b51e9e5f6aa69c14af998b139f19c006c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26987
x-xss-protection: 0
google-lineitem-id: 6303384381
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138439306036
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 1297ms
1296ms XHR
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1930661422729132&correlator=1031396997959042&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=21658289790%3A1051950%2Cinsuranceportal%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&didk=632894922&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691519254165&lmt=1691519254&adxs=1055&adys=415&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Finsurance-portal.ca%2F&frm=20&vis=1&psz=83x23&msz=300x0&fws=132&ohw=1600&ga_vid=1140464051.1691519254&ga_sid=1691519254&ga_hid=1319640972&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhf2ds50xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF_Z2znTFIAFICCGQSGQoKcHViY2lkLm9yZxiF_Z2znTFIAFICCGQSGQoKdWlkYXBpLmNvbRiE_Z2znTFIAFICCGQ.&dlt=1691519253044&idt=889&prev_scp=tile%3D1&cust_params=title%3D--Insurance-Portal%26full_title%3D--Insurance-Portal%26title_40%3D--Insurance-Portal&adks=1993801651

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

d4c7850eaddab34fe647c1d66253697c80ba0e4c23f9623d1bcdfed536982193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16264
x-xss-protection: 0
google-lineitem-id: 5166435026
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286910770
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 1638ms
1637ms XHR
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1930661422729132&correlator=1031396997959042&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=21658289790%3A1051950%2Cinsuranceportal%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&didk=632894923&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691519254170&lmt=1691519254&adxs=650&adys=1154&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Finsurance-portal.ca%2F&frm=20&vis=1&psz=83x23&msz=300x0&fws=132&ohw=1600&ga_vid=1140464051.1691519254&ga_sid=1691519254&ga_hid=1319640972&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhf2ds50xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF_Z2znTFIAFICCGQSGQoKcHViY2lkLm9yZxiF_Z2znTFIAFICCGQSGQoKdWlkYXBpLmNvbRiE_Z2znTFIAFICCGQ.&dlt=1691519253044&idt=889&prev_scp=tile%3D2&cust_params=title%3D--Insurance-Portal%26full_title%3D--Insurance-Portal%26title_40%3D--Insurance-Portal&adks=1993801648

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

6feca96f2b5191643ca2e21e69a88ab7dd01e9ae512cb127a07f90ec7d644824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16258
x-xss-protection: 0
google-lineitem-id: 5166435026
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286517256
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 764ms
763ms XHR
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1930661422729132&correlator=1031396997959042&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=21658289790%3A1051950%2Cinsuranceportal%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&ifi=4&didk=632894920&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691519254174&lmt=1691519254&adxs=315&adys=3096&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Finsurance-portal.ca%2F&frm=20&vis=1&psz=83x23&msz=970x0&fws=132&ohw=1600&ga_vid=1140464051.1691519254&ga_sid=1691519254&ga_hid=1319640972&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhf2ds50xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF_Z2znTFIAFICCGQSGQoKcHViY2lkLm9yZxiF_Z2znTFIAFICCGQSGQoKdWlkYXBpLmNvbRiE_Z2znTFIAFICCGQ.&dlt=1691519253044&idt=889&prev_scp=tile%3D3&cust_params=title%3D--Insurance-Portal%26full_title%3D--Insurance-Portal%26title_40%3D--Insurance-Portal&adks=1869098781

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

cba86485f1349018bdf4d88bfbe2d9e7b55e3d0665af2a54d84f48fe1035406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16288
x-xss-protection: 0
google-lineitem-id: 5166435026
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286909057
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 567 B
294 B 1675ms
1674ms XHR
text/plain 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1930661422729132&correlator=1031396997959042&eid=31076399&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=21658289790%3A1051950%2Cinsuranceportal%2Csearch&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&didk=632894921&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691519254178&lmt=1691519254&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Finsurance-portal.ca%2F&frm=20&vis=1&psz=1600x4081&msz=0x-1&fws=132&ohw=1600&ga_vid=1140464051.1691519254&ga_sid=1691519254&ga_hid=1319640972&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhf2ds50xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF_Z2znTFIAFICCGQSGQoKcHViY2lkLm9yZxiF_Z2znTFIAFICCGQSGQoKdWlkYXBpLmNvbRiE_Z2znTFIAFICCGQ.&dlt=1691519253044&idt=889&prev_scp=tile%3D4&cust_params=title%3D--Insurance-Portal%26full_title%3D--Insurance-Portal%26title_40%3D--Insurance-Portal&adks=2679838108

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

c47fbbc6ae8c63140e8569154d495a26021774fb5ebf7d0927b801cc006f2136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A483 6 KB
3 KB 240ms
57ms Document
text/html 142.250.65.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:27:34 GMT
expires: Wed, 07 Aug 2024 18:27:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
616 B 187ms
96ms XHR
application/json 18.209.202.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.202.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-202-62.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0392d61d59fb5f51f8b141f4275e53ac7008c4f10b8caef8ed6e314c3e5fadc5

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:35 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache
x-server: 10.40.41.30
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 629ms
127ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://insurance-portal.ca
date: Tue, 08 Aug 2023 18:27:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 70ms
68ms Image
image/gif 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11360833-13&cid=1140464051.1691519254&jid=565930105&_u=YADAAAAAAAAAAC~&z=509494609

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 62ms
59ms Image
image/gif 172.217.13.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-11360833-13&cid=1140464051.1691519254&jid=565930105&_u=YADAAAAAAAAAAC~&z=509494609

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4D4E 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 4D4E 215 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame 4D4E 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 4D4E 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 4D4E 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 info Show response
conversations-widget.brevo.com/sockjs/ Frame 4D4E 78 B
259 B 441ms
440ms XHR
application/json 104.18.12.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversations-widget.brevo.com/sockjs/info?cb=g_9g1hng4l
Requested by: Host: d13sozod7hpim.cloudfront.net
URL: https://d13sozod7hpim.cloudfront.net/jscss/4daf2124c8c48179233c246e04638a299ccbbae3.js?meteor_js_resource=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c356d473ccf550fda99239d57576c8ac0fde4665cbfe5cf2e4d70376ccdc29

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://conversations-widget.brevo.com/?isModern=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 18:27:35 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300, no-transform, must-revalidate
cf-ray: 7f39d0718e403700-YYZ

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FA5 0
0 63ms
63ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstidYTi0vMW51EpTjaKoqCE6sTpS41tODS5eAVcvOPDd3CykJBTKXfxCEtrQ04VXd0LQ7CaeqARSecvPWxyzOVq0wz8bZmG5SIDjJFoOMs_B4SsJQv-JwAiBPmkNoxqMJWeAJSGUpYRoD2KuB4XvTtyK14pVnuD2MMwRaGtq2a3SWfNfamZ-mfdpO3zQjo-0It3HNtSdVfZgxLBcstPBfIWoSR9LvU56DIEY_CU-8qO-ANTokLYVlL_vhgYKsIa6GMYXZ7Us-aMrMg8vVuRQlZeT5uC2B_zlzGKPQBtPZrZKo2hbIMxXch5rZ3GnpcLBLmJtUUPDhdqWBWEDlCP_5YEH54&sai=AMfl-YQOyIQgJvjFxcOE4A98A0dtD0UQvYr2sIlppCOIubr4Zaph2i3Ldvp2h1lm9fOCTcLwJjZVjS7VJaOo9ZNHO4IKjSX6HVhDryCbD_p5k004alHwgOyOhLGUQWcxb2CZpHGxa8K3klL9kraaH1o7&sig=Cg0ArKJSzAOjdGpJ9kUfEAE&uach_m=[UACH]&adurl=

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 18:27:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 0FA5 3 KB
2 KB 139ms
38ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:31:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FA5 179 KB
57 KB 444ms
102ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:27:35 GMT

GET
H2 200 5276287991259518779
tpc.googlesyndication.com/simgad/ Frame 0FA5 15 KB
15 KB 161ms
61ms Image
image/gif 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5276287991259518779

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

00052618e0c338413d2275bb527f6f0687cd5b8bc4a974b05e5092b5d04481a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 00:33:20 GMT
x-content-type-options: nosniff
age: 64455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15013
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:29:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 00:33:20 GMT

GET
DATA 200
OK truncated
/ Frame 0FA5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a52950844a7548026338c0216893e02dcadde933df4ab75eae39e00fa5cac064

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8FE7 0
0 1255ms
69ms Fetch
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHngTSYWWWIhTWJNsBYHv37Ox8ttO4Q4NoMsVmPmamoPo6Uh7uTvZ_gIAEM3uwDqdp4ClJy-ZjtyFLPiZ4Sl-iyQv2YtCBt4Oc84MNID6RCIMcqmzL7_t-KQAeEGs3dCXb2m2V1cMbTKG5FeKcZ2B03jJOAwvRfsrt05ylpNEC56HTmm_WxTsckl1Iivyz-YM9ibUGXYfpBGiI-fohENvNIoMLYm5NxOHbqFp3bfyN9fBbAABSuNkpO6qZm0p4pO6vrv62_ko4wOLep7wsy7qn1y34mAgzY8xosXbiXYDx59c4u8sIH-53_4lI1d3Kr37HKYzzuppMGF-rzlq48c59inAXxbqrOuSnU-1uqjAAApO5-o46APgb_gfrfeqcKnw3ADRPgdNWZ5lAPOdw0bpL&sai=AMfl-YTYlXY3iXTtLLWdoDEZnGwhRzxQtFndTCSfeouZKXCsUdxkfLf-Q7_Ij2pQ5tf2tvbfw_mUWjl2qMMe8fikVbLf4F_aqQc4qWuSYjesUewDpAh3SU6-qLIB6jMM2hTkYW0ezvkZaao9cTSmIhVj&sig=Cg0ArKJSzLEOKANBa1Y4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 18:27:36 GMT

GET
H3

204

gen_204
www.google.com/ Frame 8FE7
Redirect Chain

https://ad.doubleclick.net/ddm/jump/N728005.4399083INSURANCE-PORTAL./B30150235.370918080;sz=970x250;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];dc_tdv=1
https://www.google.com/gen_204?reason=EmptyURL

0
0

64ms
63ms

Fetch
text/html

172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?reason=EmptyURL

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-wrdQBgegdY1gBLapSBvt3g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wrdQBgegdY1gBLapSBvt3g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 08 Aug 2023 18:27:36 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Redirect headers

date: Tue, 08 Aug 2023 18:27:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.google.com/gen_204?reason=EmptyURL
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 m.js Show response
ctxtfl.com/scripts/js/ Frame 8FE7 19 KB
8 KB 3515ms
110ms Script
text/html 34.107.189.102
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020jTLXljGVP4BPscXZ0nJ&cb=3731778933&adv=10619957&buy=30150235&cid=194859828&pid=370918080&ok=ok
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.189.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 102.189.107.34.bc.googleusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 01433bd0055a6f51f3461d6db20a7f53981a49f96332ea6708e860d16b0eb5d0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:39 GMT
content-encoding: gzip
via: 1.1 google
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7540

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FE7 41 KB
14 KB 77ms
41ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 01:28:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FE7 179 KB
56 KB 418ms
140ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:27:35 GMT

GET 1290460786014584551
s0.2mdn.net/simgad/ Frame 8FE7 0
0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F7F3 22 KB
8 KB 39ms
37ms Document
text/html 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 401262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 02:59:53 GMT
expires: Sat, 03 Aug 2024 02:59:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3F44 34 KB
10 KB 182ms
106ms Script
text/html 96.16.25.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-25-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9a8519d0b37e547321f8362a8df64d28488087eee314766739585adcab5fe09f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:27:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 02:09:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27755
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 09 Aug 2023 02:10:10 GMT

GET
H2 200 MejQyNchbh96QLjIVn5CzaVVCbSe26_fLQnYQJJK6Sg.js Show response
pagead2.googlesyndication.com/bg/ Frame F7F3 37 KB
15 KB 147ms
48ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MejQyNchbh96QLjIVn5CzaVVCbSe26_fLQnYQJJK6Sg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

31e8d0c8d7216e1f7a40b8c8567e42cda55509b49edbafdf2d09d840924ae928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 20:31:25 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7CED 34 KB
10 KB 99ms
77ms Script
text/html 96.16.25.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.25.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-25-140.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9a8519d0b37e547321f8362a8df64d28488087eee314766739585adcab5fe09f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:27:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 02:09:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=27755
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 09 Aug 2023 02:10:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6AE 0
0 78ms
77ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1snm_nAibWY9y0mDmJ5BJCeINrKJmiV411dMXBTVefwhwFydICjkWMGhWJ6W8ppppzX8dzct2mGVNYgGpG-laOn_RKlIIE8HEXgPHszGCqcmlb-ojDkg13Cs-xBxE7JEQxJjmqCfS5vLesiO6WIUs7wtTti8ImOJMDTdmOAFMBgYfkcrGvV94uo1TFnr1iaPr3MYGHNcDEWveT8zdkpWF-NUPiGcUXXVKvNwY3lUXvroAnL8XDA0FsWNNAuZ1ToZZjQT8wfMrNH8V88esdP6DK6H7pzZ84tMvFGybQ5mF7AH2JwevT1hYEJS1JmcRoFvzw9aC-UCqsUNUZvpo651FJq8&sai=AMfl-YTpUTfddl4tJDcfJqKW_1cnV6qajTxQnXwpYUGM7buHVsgdu7YIvEtMIkjy9XrQXyGYwbZc14S7_iMzH3Rr-m9U4AffQ0HSftallAVZ-dhVdWk1DbuHeOwbkzuKxNf3veiQznzhVmSvOL-u0Hvw&sig=Cg0ArKJSzGFCgtAj56A0EAE&uach_m=[UACH]&adurl=

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame A6AE 3 KB
1 KB 43ms
41ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:31:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6AE 179 KB
56 KB 158ms
156ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:27:35 GMT

GET
H3 200 11653563424163101463
tpc.googlesyndication.com/simgad/ Frame A6AE 15 KB
15 KB 42ms
41ms Image
image/gif 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11653563424163101463

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

b600c1b97978be94903ce3b1bc102d6778d9ad78f2a9c324cf830b656752a387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:26:05 GMT
x-content-type-options: nosniff
age: 3690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15373
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:27:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 17:26:05 GMT

GET
DATA 200
OK truncated
/ Frame A6AE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a56317f7bcbad0dd09ed1b60d146de2ba86ae2e10f3476c8b911e8daaebf684

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7CED 284 B
919 B 185ms
43ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3F44 284 B
932 B 174ms
44ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FA5 0
0 61ms
60ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzxVwZBPi7suSEEiS_v4eUWQuO3MT7ejzmMigkmC5Zty88-ekiukjkfEvmByBT46Mcif0un48JPVGK7M_tKokB9p6dTsXc45ZZo-6vxZYcZSRQ1MgJAFawtPeb4iU-BYrAco_NycUDSt6c3BTbOgDQGmat6QUcchUvVgiIbhZzxXQpm0H0DmgSC4ZCCZNADd3ZlhNdTvSUlYJ0xa2spTuGv22nOUrC0j4kLWuqx_W0c4vmotv1Qw4CF-FSa2DC3EgZnWtKSimJxs5AZCG8D5d2ZCZoVOCORSE9YAXbwMqUcwAh1IyypHMmd2pLzlOrBTtwu3gQKveyrxj-BhJkNikKBLIMKw&sai=AMfl-YS_AHyuEZZS5N0c1iAi_fGbm0fpjHO6N2GtbW68WyhmSqrUs62Xf-aXCJX2WzLE3PCNrrZ1v4hGNFY8oIUaqYhCfpUzJO-AEwGMSKNvPReUqTNUejVAqNO8N_nB6HWKdqAhQzTQ5q8fOAtcBUbN&sig=Cg0ArKJSzAVhnHLJP8QOEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 18:27:36 GMT

GET
DATA 200
OK truncated
/ Frame 8FE7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47e0b361e33992e1a77dc80db196f09331acc45acde3ca1a735b5507068de190

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6AE 0
0 61ms
61ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLfl4_csefNfJEk4ydEnbOj5-hgRLz-wmWuoUn5sYVjSdM150TrldIB7fHOikrkkv3SzLYmZgdKRBttSN2HHFsTzn9UcGCe1xTs5SZq6P8AguEQ4yc40DA6-8apAuSsVSsIUW7qdd7qXuhVzgBHuMTMQZ6PLot-Vi6XqDg5sorwJsQvc8IZB8vQVNxtX24rBSgYPCzcCV2OgDcANlyWFEFcgaZqgyPWc3MoT-V1KJj_jzaY4FGK6g1jwfbYAUpB7InOSEH8ICqpdHCXucTwGb8OBaznDA0NZVOQ8Q0Yc8eVej38mSQK2Hs_lLNALNELeghW45hyY-fllT8FJyaC42eHaheA&sai=AMfl-YTWKfVVKX0e59io2AECzdLLpZR1n9Wk1KFSGu2YTVFohY4KqG6P2d2qHC9Nf2L6mfC20S4QcQ8dxsuPpPRYssWW4r9YQ_8Nvd2q0Dx1yr5nP6a5xWdjd0gF6ex2IcGrFhRqvNA9hBQKX_NFe7yf&sig=Cg0ArKJSzFKAtUcENouoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 18:27:36 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F3 0
217 B 73ms
72ms Image
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqvNYFonSZNjcDZmunwTXqqUYAAAAADgB4AQC&bg=!y8ilyJzNAAaeEKnZvhA7ADkAdvg8Wn1hYi4PkEkNByT2ury21GQmOBr-aqrKzEefF2rQGcshg-AQ3Ij3JmT4gtyWkT-QTflLL-QCAAAAYVIAAAAJaAEHCgByUfL0IBU9LgvTRlTnBYSkP0Z9sqqVKHJZBcntlj8SDeUVWzqNzmLW5k2JxeWG0AJRPU9aj22_A49FXmOw1B5LrlsDRBrm7A8y7V9wgYi1CQcczS4jPL1xzWG9-oj5mJ5_yTPsq5dNk92KPcUbHc1VIE4QmQLDI7bk5yYUs4I8RHTOY-GHv3TkuLemu7akQku3pB7-DbP6CTG-YYBQWLVkH1jI6mzW6mJU_4PASvkeAfBPNwI3Hy0TnAB1qVfWuERuohXrTi79sq-LP4PoyllsuMBefCiMOsE6I1KU_9PsVcIzHEdiZ9_-VJ6sxUuz26A62CeW_lo3ZIsRl07FYoqEgwa0zlsGtTrMrMRxQqWDS-YyCxqrC46-7aqqnBbVykjpMAH1HCZ1GeF5KMO6P60tKBhaG9fch84Rp3ebAAJXE6jnMkOIEa4i6Pgaw7Vds1CHv6kaSLKDs6f47nb0TlwDEZqP6vnfbMU6aACMp6LAxJVrqAmec7Q2jwX3dnwZn5CPXLg97EqIpjTKhxJhcoTyhkvotSOTmShNQOJlHn05ZPsSY5GaH1Pq33GCPK5zKzKert-ntEw3tf3FEVT95o4Q8hh92NynLfOXAwvh2IGeb3SLPNs9IWLzNnuIF56Fc5DmSPz5AmKKOXYPO8p_MY6TqM2B1ARBehKHLnJ8wmwLksaYs02_W-K48jEIKm_m7P-AzSOB1grZ0A2B1y-HxN051OK7O846RH7CZAsYwM8rAzWI6mbKeNI2roZly0kP5-Sy_xdLWJGXfgPQEUezNv2TGqaiw45f38QjIVVKpdJTu-sqecDxtU5GWHqmnjltktSOncoQQw2lwosJ7ZaakkdzsKcDJLJVu4S1_pH9rv_1XIBMcmhZJG_JVwubXfB6vTGN3B0DdD4_hQ66Iyv8bOvTDi_N0qTylPKfyKI5wPPyAfK_-ZM4A2jyQ7XJklXfg3a3hpc1zEDNXQJPDwwzggalvpOBI4OkYUsx8O8UGSVeAHDbW2N1G5y5exkqxoCdrl1G3rDbfOeyM1tKn78VlDkbTBViSDBR9wzuCPasrp_Hdz2ztWcXe0tbxoKQMSk52GC104ZdSpT6Obw

Requested by

Host: insurance-portal.ca
URL: https://insurance-portal.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
sb.freeskreen.com/ Frame 7CED
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456&khaos=LL2MW36C-1Y-4O0V
https://sb.freeskreen.com/um?mg=LL2MW36C-1Y-4O0V

43 B
530 B

44ms
44ms

Image
image/gif

3.233.58.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?mg=LL2MW36C-1Y-4O0V
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Server: 3.233.58.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-58-220.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
server: Apache/2.4.29 (Ubuntu)
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
content-type: image/gif
cache-control: no-cache, no-store
content-length: 43
expires: -1

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sb.freeskreen.com/um?mg=LL2MW36C-1Y-4O0V
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
Expires: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3F44
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LL2MW36C-1Y-4O0V
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LL2MW36C-1Y-4O0V

43 B
406 B

380ms
43ms

Image
image/gif

23.105.12.136
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LL2MW36C-1Y-4O0V
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Server: 23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LL2MW36C-1Y-4O0V
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0163a7456b0a5605e8b1fb1d4fba3e4d
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7CED
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_5P9zJ4wSBmxRMoCIjB9Fg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_5P9zJ4wSBmxRMoCIjB9Fg

43 B
479 B

120ms
119ms

Image
image/gif

52.94.222.140

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_5P9zJ4wSBmxRMoCIjB9Fg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

HTTP/1.1

Server

52.94.222.140 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 18:27:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 988KV7HM2A8R2HGTTGFA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_5P9zJ4wSBmxRMoCIjB9Fg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8bab65602db075726861004da5629947
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7CED
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc9fc7f4-b168-4651-94f7-5eeee298ffd0&gdpr=0&gdpr_consent=&expires=30

42 B
689 B

177ms
44ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc9fc7f4-b168-4651-94f7-5eeee298ffd0&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc9fc7f4-b168-4651-94f7-5eeee298ffd0&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7CED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE8e1dUydOQuIMZ38e_o4nY&google_cver=1

42 B
689 B

197ms
45ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE8e1dUydOQuIMZ38e_o4nY&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 382e2818ca015d35b02cd449aa60881d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE8e1dUydOQuIMZ38e_o4nY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7CED
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGVkNmY4NDk0YzQxMjJiY2UzNTBmMWU1NmNmZDI4NTVhN2ZjYzJjYw

170 B
243 B

168ms
71ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGVkNmY4NDk0YzQxMjJiY2UzNTBmMWU1NmNmZDI4NTVhN2ZjYzJjYw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGVkNmY4NDk0YzQxMjJiY2UzNTBmMWU1NmNmZDI4NTVhN2ZjYzJjYw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8bab65602db075726861004da5629947
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7CED 0
459 B 46ms
44ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7CED
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwyTVczNkMtMVktNE8wVg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC41mqm9EK3V6Y8UQg_dLms&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwyTVczNkMtMVktNE8wVg==&google_push=

170 B
232 B

66ms
65ms

Image
image/png

172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwyTVczNkMtMVktNE8wVg==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwyTVczNkMtMVktNE8wVg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7CED
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL2MW36C-1Y-4O0V

0
730 B

423ms
86ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL2MW36C-1Y-4O0V
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:36 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 59ADE32D87A649378ABD0B71AC8E1298 Ref B: CHGEDGE1313 Ref C: 2023-08-08T18:27:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCbYRs/r/fGEBwuCWxDQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL2MW36C-1Y-4O0V
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ffef7c53154b04a892ce1f9531c32cb1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7CED
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZYHCSBglTtKaZLuCK5uWKg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZYHCSBglTtKaZLuCK5uWKg

43 B
479 B

55ms
55ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZYHCSBglTtKaZLuCK5uWKg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 18:27:39 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 23ERC1GW9H70NM7J2SWN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZYHCSBglTtKaZLuCK5uWKg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
ucarecdn.com/3ae1212d-2b37-4fa0-8d77-1c6ae3863c64/-/crop/379x379/173,2/-/preview/-/resize/200x200/ Frame 4D4E 7 KB
7 KB 175ms
49ms Image
image/jpeg 184.29.143.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/3ae1212d-2b37-4fa0-8d77-1c6ae3863c64/-/crop/379x379/173,2/-/preview/-/resize/200x200/
Requested by: Host: insurance-portal.ca
URL: https://insurance-portal.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.143.168 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-29-143-168.deploy.static.akamaitechnologies.com
Software: Uploadcare /
Resource Hash: d495804ed0a7201d6a1954b4efe7f2524a41c70cb76852009d6483c8904cf8c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://conversations-widget.brevo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:27:36 GMT
x-image-width: 200
server: Uploadcare
etag: "f0ff50c969ae18442526576d5d7e4c3e"
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31450325
content-disposition: inline
x-image-height: 200
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-length: 6923

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FA5 42 B
64 B 155ms
71ms Fetch
image/gif 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2qOdWIpRB7xjXr_ae4yXL8DAxK7BV08Xioya29SO1lrpYFiGwG4Nk-7jx-WR3HyuqUUnAunowrpuGKX64CjArol4pdYxptfgHYtFxyjlZKEF2R9Ht&sig=Cg0ArKJSzEyJh1IQria1EAE&id=lidar2&mcvt=1000&p=564,1055,814,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1993801651&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691519255489&rpt=546&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 cracq
ctxtfl.com// Frame 0
0 107ms
53ms Preflight
text/html 34.107.189.102
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctxtfl.com//cracq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.189.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 102.189.107.34.bc.googleusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://insurance-portal.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 08 Aug 2023 18:27:39 GMT
server: Apache/2.4.52 (Ubuntu)
via: 1.1 google

POST
H3 200 cracq Show response
ctxtfl.com// Frame 8FE7 18 B
32 B 56ms
56ms XHR
text/html 34.107.189.102
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ctxtfl.com//cracq
Requested by: Host: ctxtfl.com
URL: https://ctxtfl.com/scripts/js/m.js?id=1Aw020jTLXljGVP4BPscXZ0nJ&cb=3731778933&adv=10619957&buy=30150235&cid=194859828&pid=370918080&ok=ok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.189.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 102.189.107.34.bc.googleusercontent.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/octet-stream

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 18:27:39 GMT
via: 1.1 google
server: Apache/2.4.52 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18
content-type: text/html

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 48ms
47ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-T179X7HBHY&gtm=45je3820&_p=1319640972&cid=1140464051.1691519254&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1691519253&sct=1&seg=0&dl=https%3A%2F%2Finsurance-portal.ca%2F&dt=Insurance%20Portal&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T179X7HBHY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:27:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insurance-portal.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/simgad/1290460786014584551

Verdicts & Comments Add Verdict or Comment

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
insurance-portal.ca/	1970-01-20 22:36:08	Name: csrftoken Value: rVsYl6cIZ59rHs08utg2lDaOlpqKUikD9K7KEH6VVq1pREJ9vEcstBtOnaENQbKH
insurance-portal.ca/	1970-01-20 15:18:23	Name: sessionid Value: bcec5zjj98umbxtxx6glcj9ajpa0har9
.insurance-portal.ca/	1970-01-20 18:12:59	Name: sib_cuid Value: bffd6700-ff2c-4a3e-9aa7-08aa464f4781
insurance-portal.ca/	1969-12-31 23:59:59	Name: last_login Value: 2023-08-08
sibautomation.com/	1970-01-20 18:12:59	Name: uuid Value: d7a1cc36-030a-4dc8-9733-81951271cd2a
.freeskreen.com/	1970-01-20 14:02:04	Name: a Value: NTQ2Mz0xfHw7
insurance-portal.ca/	1969-12-31 23:59:59	Name: _ga4s Value: 1
.insurance-portal.ca/	1970-01-20 23:27:59	Name: _ga4 Value: a65147d4-e830-4bd9-8fca-95d77cc0d77e
insurance-portal.ca/	1969-12-31 23:59:59	Name: _ga4sid Value: 1023610981
.insurance-portal.ca/	1970-01-20 22:37:35	Name: cf_clearance Value: 2ZdtqLN6JYKobyaQtbc3EBrH3O90_g3mBIX.KXWutb4-1691519253-0-1-9826a988.f8f5e2b0.bcdab4e7-0.2.1691519253
.insurance-portal.ca/	1970-01-20 23:27:59	Name: _ga Value: GA1.2.1140464051.1691519254
.insurance-portal.ca/	1970-01-20 13:53:25	Name: _gid Value: GA1.2.1629682683.1691519254
.insurance-portal.ca/	1970-01-20 13:51:59	Name: _gat_UA-11360833-13 Value: 1
.tremorhub.com/	1970-01-20 22:37:56	Name: tvid Value: f6a45386672a47f6a81390512cf1b75b
.smartadserver.com/	1970-01-20 22:39:01	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:39:01	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.tremorhub.com/	1970-01-20 13:59:11	Name: tvssa Value: 1691519254001
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 104685=5575347
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 22:39:01	Name: pid Value: 4277283146600887238
.smartadserver.com/	1970-01-20 13:53:25	Name: sasd2 Value: q=%24qc%3D1500020318%3B%24ql%3DUnknown%3B%24qt%3D93_0_0t%3B%24dma%3D0&c=1&l=-1691405731&lo=-472414544&lt=638271160540241167&o=1
.smartadserver.com/	1970-01-20 13:53:25	Name: sasd Value: %24qc%3D1500020318%3B%24ql%3DUnknown%3B%24qt%3D93_0_0t%3B%24dma%3D0
insurance-portal.ca/	1970-01-20 13:51:59	Name: m32_pubgeo Value: JTdCJTIyaXAlMjIlM0ElMjIxODUuMjEyLjExOC4xOCUyMiUyQyUyMmNvdW50cnlfY29kZSUyMiUzQSUyMkNBJTIyJTJDJTIyY291bnRyeV9uYW1lJTIyJTNBJTIyY2FuYWRhJTIyJTJDJTIycmVnaW9uX2NvZGUlMjIlM0ElMjJPTiUyMiUyQyUyMmNpdHklMjIlM0ElMjJ0b3JvbnRvJTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E0My42OCUyQyUyMmxvbmdpdHVkZSUyMiUzQS03OS40MyUyQyUyMm1ldHJvJTIyJTNBMTI0NTM1JTJDJTIycG9zdGFsX2NvZGUlMjIlM0ElMjJtNmMlMjAxYzclMjIlN0Q=
.exelator.com/	1970-01-20 16:44:47	Name: EE Value: "032c4a1ac23ea34c7bbc0317d15911f1"
.exelator.com/	1970-01-20 16:44:47	Name: ud Value: "eJxrXxzq6XKLQcHA2CjZJNEwMdnIODXR2CTZPCkp2cDY0DzF0NTS0DDNcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6ImfHxUUpaQyLSopPBR95bQIAmFsqTg%253D%253D"
.crwdcntrl.net/	1970-01-20 20:20:45	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:20:45	Name: _cc_id Value: 3c10feb3ec1d4302f8d01f1c602f1394
.insurance-portal.ca/	1970-01-20 20:20:47	Name: _cc_id Value: 3c10feb3ec1d4302f8d01f1c602f1394
.insurance-portal.ca/	1970-01-20 13:53:25	Name: panoramaId_expiry Value: 1691605655130
.insurance-portal.ca/	1970-01-20 23:27:59	Name: _ga_T179X7HBHY Value: GS1.1.1691519253.1.0.1691519255.58.0.0
.insurance-portal.ca/	1970-01-20 23:13:35	Name: __gads Value: ID=b4691930e7971ae0:T=1691519254:RT=1691519254:S=ALNI_MaBv1MX8wBc9ihISHyHIQuB7R24UQ
.insurance-portal.ca/	1970-01-20 23:13:35	Name: __gpi Value: UID=000009fa5180cec9:T=1691519254:RT=1691519254:S=ALNI_MaLei3scV8M22fux4qh8BGFjU_5JA
.rubiconproject.com/	1970-01-20 22:37:35	Name: khaos Value: LL2MW36C-1Y-4O0V
.google.com/	1970-01-20 14:35:11	Name: 1P_JAR Value: 2023-08-08-18
.google.com/	1970-01-20 18:15:30	Name: NID Value: 511=pkeGC5HMzsAGhcKbpFOp0pGq_-rMrhNMhlNBAQDWpwhmpa-KUXFjncnt6pMDU4sNfMAcFjItmhEbdEyulKBOSbb57-afcbTKOL1BipH9QcH6l_O602bgLILcPB7vOAYuZ3OTPYBkjyJeNRoU9nk0kI1JRQWreuI_t6ofKoyzpXA
conversations-widget.brevo.com/	1970-01-20 14:02:04	Name: AWSALBCORS Value: ipAF39TagYff6HZU0VZwDGcp8u7g5sE771mgzbtY4tCNZKgkrsrByH3qZZarH3kSsdyt9gppzw7l/4a67bAswlXy+Ymo3rG1Uq86NURNxTtGsYkD7v5iKb+FXc1e
.adsrvr.org/	1970-01-20 22:39:01	Name: TDID Value: fc9fc7f4-b168-4651-94f7-5eeee298ffd0
.adsrvr.org/	1970-01-20 22:39:01	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMjMl8HlkYw8EAUYBSABKAIyCwiEnurt-5GMPBAFOAE.
.linkedin.com/	1970-01-20 22:37:35	Name: bcookie Value: "v=2&cc8ccdc5-6575-4cd9-860c-ce9f9f413baa"
.linkedin.com/	1970-01-20 13:53:25	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3177:u=1:x=1:i=1691519256:t=1691605656:v=2:sig=AQE_dE4GvZJZw2Nnwtnx2eYP93sFo7X4"
.doubleclick.net/	1970-01-20 23:27:59	Name: IDE Value: AHWqTUmhVq34NE7fUgc1T2z9hyEgN96yXC-Fzu3R8St6qyqYVZOp1G8nLWoIHjkV_3I
.smartadserver.com/	1970-01-20 22:39:01	Name: csync Value: 104:LL2MW36C-1Y-4O0V
.admanmedia.com/	1970-01-20 14:12:08	Name: admtr Value: 97cb94d2-6bc5-4759-8dca-3c7dfe8988e8
.admanmedia.com/	1970-01-20 14:12:08	Name: ac_r Value: CS89
.freeskreen.com/	1970-01-20 14:02:04	Name: scmtid Value: "c2FpZD0yNjkyNDM4MjUxNjQ3MjcyOTN8MTY5MTUxOTI1NDA2MyZzY21pZD1oYWdkZmNqYmZiamdidnI4a2lKaXJHSnwxNjkxNTE5MjUzNjA3Jm1naWQ9TEwyTVczNkMtMVktNE8wVnwxNjkxNTE5MjU2NTMyJm5pZD0wMzJjNGExYWMyM2VhMzRjN2JiYzAzMTdkMTU5MTFmMXwxNjkxNTE5MjU0MjgxJmFjaWQ9OTdjYjk0ZDItNmJjNS00NzU5LThkY2EtM2M3ZGZlODk4OGU4fDE2OTE1MTkyNTcwNTU="
.insurance-portal.ca/	1970-01-20 22:37:35	Name: _hjSessionUser_1643280 Value: eyJpZCI6IjEyNDViNWEzLTRmODgtNTZlNi1iNzFjLTFiZDhhODhjZWFhNiIsImNyZWF0ZWQiOjE2OTE1MTkyNTcxNjMsImV4aXN0aW5nIjpmYWxzZX0=
.insurance-portal.ca/	1970-01-20 13:52:01	Name: _hjFirstSeen Value: 1
.insurance-portal.ca/	1970-01-20 13:51:59	Name: _hjIncludedInSessionSample_1643280 Value: 0
.insurance-portal.ca/	1970-01-20 13:52:01	Name: _hjSession_1643280 Value: eyJpZCI6Ijk5MjUzMDg4LTgyM2ItNGM1NC1hNGFhLTU5Y2E0NTVhNmZhOCIsImNyZWF0ZWQiOjE2OTE1MTkyNTcxNzEsImluU2FtcGxlIjpmYWxzZX0=
.insurance-portal.ca/	1970-01-20 13:52:01	Name: _hjAbsoluteSessionInProgress Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:16	Name: ad-id Value: AySkfl2FME1rpuo90sw7ESI
.amazon-adsystem.com/	1970-01-20 23:27:59	Name: ad-privacy Value: 0
.rubiconproject.com/	1970-01-20 22:37:35	Name: audit Value: 1\|UhXs2YbLReXYOW+fWnVdaldezKD1BwnQbeLRUQtspm6uAHuPlfKQDmUyGgtQjjwck9UlEA6ZzTHqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9495b98d6fa3edcb5442a9f5d6d1066b.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
analytics.google.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
conversations-widget.brevo.com
conversations-widget.sendinblue.com
cs.admanmedia.com
ctxtfl.com
d13sozod7hpim.cloudfront.net
eus.rubiconproject.com
fastlygeo.m32.media
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
id5-sync.com
in-automate.brevo.com
insurance-portal.ca
loadeu.exelator.com
match.adsrvr.org
media.insurance-portal.ca
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
public.profitwell.com
px.ads.linkedin.com
rdc.m32.media
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
sb.freeskreen.com
scm.publishers.tremorhub.com
script.hotjar.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
sibautomation.com
static-portail-assurance.nyc3.digitaloceanspaces.com
static.freeskreen.com
static.hotjar.com
static.portail-assurance.ca
stats.g.doubleclick.net
sync.smartadserver.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
ucarecdn.com
unpkg.co
unpkg.com
use.fontawesome.com
ws1.postescanada-canadapost.ca
ww1772.smartadserver.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
s0.2mdn.net
104.16.124.175
104.16.203.47
104.17.25.14
104.18.12.29
104.18.13.29
104.18.31.104
104.21.24.187
104.21.86.248
104.22.53.86
104.91.111.76
13.107.42.14
13.225.66.62
13.249.39.105
142.250.65.161
142.250.65.194
142.250.72.106
142.250.80.72
142.251.111.155
142.251.35.163
151.101.193.229
151.101.194.132
162.19.138.118
162.243.189.2
172.217.13.129
172.217.13.132
172.217.13.162
172.217.13.166
172.217.13.194
172.217.13.195
172.217.13.206
172.217.13.99
172.64.103.11
172.67.193.210
18.154.227.85
18.160.41.49
18.160.46.100
18.164.116.111
18.165.98.32
18.209.202.62
184.29.143.168
213.19.162.90
216.239.32.181
23.105.12.131
23.105.12.136
23.105.12.150
3.233.58.220
3.33.220.150
34.107.189.102
34.229.3.43
35.241.48.88
44.193.59.61
52.46.128.147
52.94.222.140
69.16.175.10
69.173.151.100
8.39.36.142
80.77.87.166
96.16.25.140
99.84.223.47
00052618e0c338413d2275bb527f6f0687cd5b8bc4a974b05e5092b5d04481a6
0097a633ba6c1deb005254e2daff842b51e9e5f6aa69c14af998b139f19c006c
01433bd0055a6f51f3461d6db20a7f53981a49f96332ea6708e860d16b0eb5d0
031aa1823dbc818be119fdfcb19d6c73e9761ef10882337926a5846ae66a0fc7
0392d61d59fb5f51f8b141f4275e53ac7008c4f10b8caef8ed6e314c3e5fadc5
054c454b65f435b4b2df541f08bae58657cba07fd898284bc39f75c4bd6283ce
09431cbec93e9ecc2f2f3b83c918c0a37cfea19b36904af83404a5478dfe5480
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ff0399249bbc0b7a26e83e095681e4ba6cd5f24f2f129fc56ff4da36828a257
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135d17eb767962f4d70df6636f42aa77b14ea3a6bf804ee11467189badcf2e63
136ab1daed8f4595e2fa1436a7d684b9b9104694997217219bb3751054507bc4
151e819a76cfc3dbf8987102b5fadeab723fbbf91ec62dada233f3802d270ed6
19fed2d10e538f3f1c94e8f16e9f42b3cabaccb941245885a7d116d0efa4ee2b
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
224b0aafaa6587324af38bbab4a0eb10a092bdf26a0fa2ba1e2fa2bd70ba0990
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e38df63dc9fab4c193192c23354f7723d7a397217996ae3d26895289c55be8
27b9543ca24dae3aaa8ada97fb00da54a154ffd448c337159ceaeacddea22b37
2a56317f7bcbad0dd09ed1b60d146de2ba86ae2e10f3476c8b911e8daaebf684
2b9a8bb914c05a19009ef09f74c2876aeb29f621056bfe7b3ba74cc626500c07
2fe6e2fa4b865b4984dde89db09ad6748b63374bbc3bd5b251c588f793ad04df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e8d0c8d7216e1f7a40b8c8567e42cda55509b49edbafdf2d09d840924ae928
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
33b7851714cb0c09581c8fdcf3883ede1245f0ba49ec961c9df70494c59cb3c1
3415c9b710e6054083b53ad180c2573ebe98d428f291cb91b336bd1727ecb992
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
37d71a755368a59862b22954275bd10416de8e28d37cec74707de8b8be616610
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
430725b95468277dcbccc27e08e3d873276c0082737310b0b1ad330392511847
433343bcb0b711bc539e78baf3a531b7b741a8473750c5b3eefa1c9c0a8d7455
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473950091570c62c77f0244b51747b715f0568fcd28f9abe0497ef5d198bdb17
47407f87f9f6cfa1f37171387f60bfc6ed9bcc57702eff76e31fc560251b101e
47e0b361e33992e1a77dc80db196f09331acc45acde3ca1a735b5507068de190
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a084f2aa2d0eab1b6aa5bfccec41ef03ae9e31601e10967529e1a207ffa8acc
4c53a35e26c24b8c9b0444fdbce94dc30043bdb79f7a6ef334b1046e3fbe202e
4e32138ed92a56df8c0de9953f3dccca904d457bcabf4cbf8907bffa2fe7a192
5000979048c5ef2dd5c9ea59247084dd30a823a50c86ce389cd535e74c224c89
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5962557d61c47d867755a353262191363cbb8e4e2668cadfdfbc4be4a320d012
5a0b1f3b7f41a6673a4cb1e737322e711ad7d32097d163ecc9439c52bede6ca9
62c356d473ccf550fda99239d57576c8ac0fde4665cbfe5cf2e4d70376ccdc29
63160fe89a80e4d49565385ad833a4aa2daa12b09d7454d6b0b5c061c24970c1
65f6c13748b0c8d8f9eabd0373a130ac293b3f16bf34aaa946d953980372b932
6716e1fbf6d0c0f086b71e077f2b4fe59a0bbd89e8b1248440d71e24a4df78f3
6ceb96d843e8e8be9034d922255316e6ea71e4aa169521146c160ed02fe4cc55
6d39a17caaa2d0b379e84ee320978e4dae41ca5482fb924ed93a2c4ef1bda121
6fb1cc9a92e5e0c71ff6ac4710bf7eef9af080d4bc43c49939ccbd9f49eb6d95
6feca96f2b5191643ca2e21e69a88ab7dd01e9ae512cb127a07f90ec7d644824
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
7591baa56bbb4c82220882b2878a92072ed87944c93649d4fe179612e6ce3c6e
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
8183dd4b4915b58506075bb2ba4c936304e8cd93e8757ac1119d13eae0a7b8f5
81d15276474c69d703d6c0989041db81a09750157e8a85eb82e435b72812ef44
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88fab1cf3457c3c15d25a67502ff1f39ca70f5e2bc6b048ab673cf3021ccb76b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bc777b35ac7a759c23f3c55152ea4a342161f67faa3184b03cb9cfb71b9c319
92daaeec818ed75a42a2e37409d0c7c3e9ff8158a24492bae77c83aafb9c1306
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
9a8519d0b37e547321f8362a8df64d28488087eee314766739585adcab5fe09f
9f7e63c35f9017e93b76a81b6b00b12ef56e4a2fa8660755c5dc610becad4c84
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18f6a026cfab715969dece7140ab61f5e448b7e10c3c5821de1b67628b2e8a6
a1ae3e14531399c4756ebe0270ffad4e907ac0daaeb8ba43c248c19f679afaab
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a52950844a7548026338c0216893e02dcadde933df4ab75eae39e00fa5cac064
a545c57c53ccadffafe24c6461465b9a9dfdb63b9035137d807a40febefac7cb
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7d4e6165ce4042167fcaaa0623eab885d6992458eb05c4fc74184cee79a9eb3
a9fa49c6662d0b48a1df31b485e30e53aaaee80fc8704cb5813a8c03d2a4f7b4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69
aedc01bd857380894c53d93655cf5076b5e211a61487e4789de9d652fa1fca36
b07a8e8780a8e9d792c410eac950ae4bf41ada78b9e07128dae53f8a0323faa2
b49c051673a713cbc19823af69be1eb0681c806b310fb342fa036851ca035470
b600c1b97978be94903ce3b1bc102d6778d9ad78f2a9c324cf830b656752a387
b6b151ea0e5be513a03f0e84f3c979e9466a9714369d8f3641f9931b1e6894a7
b7f438d6a2e724b99739f1f11926cff479d31bb0f1b1674f9b24a7bc525999eb
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c018537c68f9c61708c19088d5fa04e9981027f91a182d4c157e21372806b44e
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c10e0ac1a112a02ed70d238679fd6d8c6281b0176376d1291e5be6aa77839a2c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c42300cf9b9e470340d8afb2721d7463de286397c55dfd5d0f466a5c1a86fa4b
c47fbbc6ae8c63140e8569154d495a26021774fb5ebf7d0927b801cc006f2136
c6072112c8cec74b1c589bb323b9c1ea07cf7b38b01ad5d25127cf9306d1a2ef
c60ee76fe55ca8e6b4e892be93474dcb8544c5b5ac5154c58ddda3e3b9d50d94
c73bac037ca7c39290348cf914df999145ee6edbcbed17de02e757c78e30a7ae
c7c20a589ec635e0491c693b29b45205d386f84552ba3fe229291f36cd9cfcf0
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
cba86485f1349018bdf4d88bfbe2d9e7b55e3d0665af2a54d84f48fe1035406f
cbee8a781a5813460ac9573aee4cb78b2660b48ed5fdb3a20aa0cd4c7bf00b1b
d1a9e839a718f9cb7a1049e369565428f6a3ace503349c150e645190ee66a541
d3681f4cd162e9a8d1ee12c1dd99bd25fead9f08543c50ab55214e2cd89851a8
d495804ed0a7201d6a1954b4efe7f2524a41c70cb76852009d6483c8904cf8c4
d4c7850eaddab34fe647c1d66253697c80ba0e4c23f9623d1bcdfed536982193
d578a24caeb97b0110a0708eee108674a5daeed8e37490f0dc39ec0af9c37443
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8f159700dbc986818e73e7761d15b82d022f85dd64a6f7b15a9ec63ef6cfc2
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e1c3def6d811809d0841cce85e937b8c35d438dd8bc63c39fb004d6c320d9f43
e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d03b5c8aae5c43ea4db3256862acd17208b28cf9d4cd9737646702ad147a13
e79a9bf34c9f5e2b7cdec30be1c628bef5b63e809a7fae54551ebd82dc302dd6
edfaeddde33c9c41a74c6d3e7057fbd37df87ef6bc717be266f05c2e504ce084
eec64cc1e5caf8f9453cbdd5fa591ead419508677e20afbe0101886f8e77e4fe
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f2cbdca26b4a69378f33d852d753e98da4d1e072593b84988510426fb7061ae7
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f575112df5398271c1f04b48a995ccc6e17d69730e37304078178d46781152da
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785
f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2
f8f3d2b681ec607484c3c0d589d186edf7a56c57e0a531c27f115433a876315b

insurance-portal.ca Open in urlscan Pro 104.21.24.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

88 %HTTPS

0 %IPv6

41 Domains

64 Subdomains

49 IPs

4 Countries

3333 kBTransfer

8191 kBSize

53 Cookies

11 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

insurance-portal.ca Open in urlscan Pro
104.21.24.187 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

88 %
HTTPS

0 %
IPv6

41
Domains

64
Subdomains

49
IPs

4
Countries

3333 kB
Transfer

8191 kB
Size

53
Cookies

156 HTTP transactions
8 data transactions