12ft.io Open in urlscan Pro
76.76.21.22  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request proxy Show response 12ft.io/	14 KB 6 KB	101ms 33ms	Document text/html	76.76.21.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://12ft.io/proxy?q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash a24e3a1509e8f1c8fe1c8f6ba5b5437d06a6f22990dd6a18498ee662baa3b4ee Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-origin * age 9757043 cache-control public, max-age=0, must-revalidate content-disposition inline; filename="proxy" content-encoding br content-type text/html; charset=utf-8 date Wed, 26 Jul 2023 14:07:38 GMT etag W/"abc8265ca2a47d67418ff9a11f89c089" server Vercel strict-transport-security max-age=63072000 x-matched-path /proxy x-vercel-cache HIT x-vercel-id iad1::rwvxz-1690380458602-4c2aa470ed47
GET H2	200	js Show response www.googletagmanager.com/gtag/	226 KB 79 KB	93ms 48ms	Script application/javascript	2607:f8b0:4006:820::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-BLV8VETPEP Requested by Host: 12ft.io URL: https://12ft.io/proxy?q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2008 Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6273199bfb151add5e28a60e8947529f1e30639aa5c4b96de249896d5e9c82f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:07:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81002 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 26 Jul 2023 14:07:38 GMT
GET H2	200	b479a8fc987e40beb12c.css 12ft.io/_next/static/css/	19 KB 5 KB	27ms 27ms	Stylesheet text/css	76.76.21.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://12ft.io/_next/static/css/b479a8fc987e40beb12c.css Requested by Host: 12ft.io URL: https://12ft.io/proxy?q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash ca26dfb731b05943c2aa32c9e722f94b4a30177a66b74b6b24b2461c79dba9bf Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/proxy?q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 14:07:38 GMT content-encoding br strict-transport-security max-age=63072000 server Vercel x-vercel-id iad1::668l7-1690380458641-51bacf9c8ea4 age 9830734 x-matched-path /_next/static/css/b479a8fc987e40beb12c.css etag W/"12d9ca66c27eb1b2080190cedc3f18dd" x-vercel-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable content-disposition inline; filename="b479a8fc987e40beb12c.css"
GET H2	200	proxy Show response 12ft.io/api/ Frame A7B5	152 KB 18 KB	599ms 598ms	Document text/html	76.76.21.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Requested by Host: 12ft.io URL: https://12ft.io/proxy?q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Vercel / Resource Hash e62017168d5b4219f4a2011d727d413e5c119d2cb06a4056666acc16ab6cc9a1 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://12ft.io/proxy?q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 0 cache-control public, max-age=0, must-revalidate content-encoding gzip content-length 18015 content-type text/html date Wed, 26 Jul 2023 14:07:39 GMT etag "fc87-IDRfER3Li7zCkPnA73EkJ5ZSfeI" server Vercel strict-transport-security max-age=63072000 x-matched-path /api/proxy x-vercel-cache MISS x-vercel-id iad1::iad1::rwvxz-1690380458679-a132ce37c8ef
POST H2	204	collect www.google-analytics.com/g/	0 54 B	81ms 35ms	Ping text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-BLV8VETPEP&gtm=45je37o0&_p=1233505044&cid=756688382.1690380459&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690380458&sct=1&seg=0&dl=https%3A%2F%2F12ft.io%2Fproxy%3Fq%3Dhttps%253A%252F%252Fwww.lapresse.ca%252Faffaires%252Fentreprises%252F2023-07-25%252Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php&dt=12ft%20%7C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BLV8VETPEP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 14:07:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://12ft.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 248 B	71ms 34ms	Ping text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-BLV8VETPEP&gtm=45je37o0&_p=1233505044&cid=756688382.1690380459&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690380458&sct=1&seg=0&dl=https%3A%2F%2F12ft.io%2Fproxy%3Fq%3Dhttps%253A%252F%252Fwww.lapresse.ca%252Faffaires%252Fentreprises%252F2023-07-25%252Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php&dt=12ft%20%7C&en=view_search_results&ep.search_term=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php&_et=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BLV8VETPEP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 14:07:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://12ft.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	lpca-auth.7a53bdcbc6ea92293316.css static.lpcdn.ca/lpweb/dist/lpca-auth/ Frame A7B5	34 KB 8 KB	102ms 19ms	Stylesheet text/css	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/lpweb/dist/lpca-auth/lpca-auth.7a53bdcbc6ea92293316.css Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 4685254b748adc1d6f57c2d9b1b67cf9b6d7501d541f29acdb12981594a394c5 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 11:49:09 GMT content-encoding br via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Wed, 26 Jul 2023 11:40:48 GMT x-amz-cf-pop JFK50-P1 age 8310 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control s-maxage=2628000,max-age=300,must-revalidate x-amz-cf-id hoDYZeMmyX1KLC03zp2Xm0hvfo_nlnQ2c3nVs7fi2w4x2By6Wp2VQw==
GET H2	200	storyPageDesktop.bundle.b5baf80858c59a2b7184.css static.lpcdn.ca/lpweb/dist/css/ Frame A7B5	245 KB 56 KB	108ms 25ms	Stylesheet text/css	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash de8afcc847e2e8c5379d20daecac604e25cd2bb75509fae2495a91a32a796364 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Wed, 26 Jul 2023 11:49:09 GMT content-encoding br via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Wed, 26 Jul 2023 11:40:48 GMT x-amz-cf-pop JFK50-P1 age 8310 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control s-maxage=2628000,max-age=300,must-revalidate x-amz-cf-id GHLtNuSdtOa2wfSpdiwAN1kOxXsm-9xGlywzvWDXo-7FA-TIzmU9QQ==
GET H2	200	la-presse-logo-web.svg static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	2 KB 1 KB	125ms 44ms	Image image/svg+xml	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/la-presse-logo-web.svg Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 9de61e723f71ecad9e2966704febad3226eeb4b415236246d06ea41f43fad3bf Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 17 Jul 2023 01:23:36 GMT content-encoding br via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:23 GMT x-amz-cf-pop JFK50-P1 age 823443 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control public,max-age=2628000 x-amz-cf-id sPIdFhTbM7DFhX2n3w0Ay3mc_LO-AcVgVRMkolkFD8KosUhvFw0mJw==
GET H2	200	logo-lp-line.svg static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	3 KB 1 KB	126ms 44ms	Image image/svg+xml	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/logo-lp-line.svg Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash e467e1354ec82b4ff98938872632fde03a71f319cece7f22127259d7ca69ab6a Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 11:13:06 GMT content-encoding br via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:23 GMT x-amz-cf-pop JFK50-P1 age 874473 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control public,max-age=2628000 x-amz-cf-id 2F7RW6XFztsSCNW9c8QeTdvcLdxF93hlOvmQM8iQua_tzjvr3hMapQ==
GET H2	200	bee28820dc4c33659aa3d99f38d8f7b2.webp mobile-img.lpcdn.ca/v2/924x/36aa287b/ Frame A7B5	21 KB 22 KB	108ms 26ms	Image image/webp	108.139.29.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-img.lpcdn.ca/v2/924x/36aa287b/bee28820dc4c33659aa3d99f38d8f7b2.webp Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.77 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-77.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash fd04676042eba08b3a5166d9d619fca6f42e49c6bb52342603acacd6ee52c718 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 25 Jul 2023 20:58:22 GMT x-amz-version-id 85pm_yVQkePX.IBnS2LW0.6U.g_8hQNQ via 1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront) last-modified Tue, 25 Jul 2023 20:57:32 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 61758 etag "cd12f25363586e321727c85076dc83d3" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/webp cache-control public, max-age=604800, immutable accept-ranges bytes content-length 21922 x-amz-cf-id Wyp9Uo46NWT4NpifRKBh-tX0NsXRTOShvsSv5owHJIGOagqD9JtaoA==
GET H2	200	share-icon.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	737 B 1 KB	127ms 45ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/share-icon.png Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash b9fa1e983879d28bdbf5a2a40a51a80bf9550ec8e6b120b773ac76770a4f218a Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 11:13:06 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:23 GMT x-amz-cf-pop JFK50-P1 age 874473 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 737 x-amz-cf-id KjrkB8uJKBWDVur-jpAlmHRiBEVEX3x0dH28B1nksAj_6gL4OoQ5eQ==
GET H2	200	12cd0893e64231d3afc048895276debb.jpg mobile-img.lpcdn.ca/v2/100/ Frame A7B5	5 KB 6 KB	110ms 28ms	Image image/jpeg	108.139.29.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mobile-img.lpcdn.ca/v2/100/12cd0893e64231d3afc048895276debb.jpg Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.77 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-77.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 9799589fac6e785e096835be89655693b07f85f95993799053297c3dbba6f3f7 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id gQINQ3SodJmrWTD4uY3A9Hr1gekreiQd date Wed, 26 Jul 2023 13:03:18 GMT via 1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront) last-modified Fri, 22 Apr 2022 18:37:32 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 3862 x-amz-server-side-encryption AES256 etag "dba1d99d294b979e4744e01c35ef6846" x-cache Hit from cloudfront content-type image/jpeg cache-control public, max-age=604800, immutable accept-ranges bytes content-length 5227 x-amz-cf-id sCbdjYMKsQjGzFjxbdOY793-ROcuzxTm8tx01zZMLt2i84RFoU3twQ==
GET H2	200	newsletterSubscriptionBox.bundle.7d213172d006b67b7c47.css static.lpcdn.ca/lpweb/dist/css/ Frame A7B5	11 KB 2 KB	125ms 43ms	Stylesheet text/css	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/lpweb/dist/css/newsletterSubscriptionBox.bundle.7d213172d006b67b7c47.css Requested by Host: 12ft.io URL: https://12ft.io/api/proxy?ref=&q=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 1e5bc5e7d9ad9be32c5f9f2baf2dd8f09ba28ce5fc758e3ff5d950a43a784433 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 18 Jul 2023 09:51:58 GMT content-encoding br via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Mon, 17 Jul 2023 19:03:14 GMT x-amz-cf-pop JFK50-P1 age 706541 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control s-maxage=2628000,max-age=300,must-revalidate x-amz-cf-id s_zE21Yhg6aEbgcKLb8Mv0ADzLXch6bHujWsH4rrFIy1fA2OBm1JeQ==
GET H2	200	rubrik.css static.lapresse.ca/fonts/rubrik/ Frame A7B5	1 KB 513 B	52ms 18ms	Stylesheet text/css	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lapresse.ca/fonts/rubrik/rubrik.css Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/lpca-auth/lpca-auth.7a53bdcbc6ea92293316.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash ba240e4860fc14034e5ca168222bf1c88ba0f381250840c1dce3a399062bfa45 Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 14 Jul 2023 04:42:55 GMT content-encoding br via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Thu, 13 Jul 2023 16:33:05 GMT x-amz-cf-pop JFK50-P1 age 1070684 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public,max-age=2628000 x-amz-cf-id ThNb-umLgr-DyHDV2fOM9l02EOvfmz92AajABZXhP_hFGcpIcEygdw==
GET H2	200	facebook-icon.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	2 KB 3 KB	20ms 18ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/facebook-icon.png Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash b5292ee5c28832f36ee3d1ffe6b87143a29b5de792d071391385d3e7c338bebf Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 13:55:14 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:23 GMT x-amz-cf-pop JFK50-P1 age 864745 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 2426 x-amz-cf-id pOaTrEbQ_tUbOOh6oC95YHg1dpWabvzLgiptL87ahj-8oTjNkVcAvA==
GET H2	200	twitter-icon.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	3 KB 3 KB	20ms 19ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/twitter-icon.png Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 8eb7acd7dd23fb4531a9b3485312a2a43a42b6a7fd1180c275561d15679dca06 Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 14 Jul 2023 09:35:13 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Thu, 13 Jul 2023 16:33:07 GMT x-amz-cf-pop JFK50-P1 age 1053146 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 3245 x-amz-cf-id 53moUjWOYAEXCCAT1zJ2m6uuZ3EOi7oMVfK4nR-yWIFyMVCfFcEQsA==
GET H2	200	linkedin-icon.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	3 KB 3 KB	20ms 20ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/linkedin-icon.png Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 7a60eca89c8c684b921fd907e4025a3f5948537dbfcdbc334134138b8f2aad4a Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 13 Jul 2023 07:49:10 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Wed, 12 Jul 2023 16:38:45 GMT x-amz-cf-pop JFK50-P1 age 1145909 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 2673 x-amz-cf-id bSx8OpcsCWgmmxOPDHpwBDeGF9CgJym8OBWk0xXL1CPC-bxwUuK42w==
GET H2	200	instagram.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	4 KB 4 KB	21ms 20ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/instagram.png Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 08153ebc7d42d5d97501540301c0762b83fc730e7fe98c3d7d5a3e6d6a4fc43f Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 13 Jul 2023 07:49:10 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Wed, 12 Jul 2023 16:38:45 GMT x-amz-cf-pop JFK50-P1 age 1145909 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 4129 x-amz-cf-id 4Ix6sMmuH3J1a_15GWAbxsExICYwNXY3-vg5aNVQ-WizHngqze-6Rg==
GET DATA	200 OK	truncated / Frame A7B5	292 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ed748f1d8bde54b47c50c3389ab131ff86b26157a214275c913e0a1463e425e7 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	copylink-icon.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	4 KB 4 KB	20ms 19ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/copylink-icon.png Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 9c221f81130938a9aea113296583f96047dd14b7571b682e8a187066cdf76771 Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 14 Jul 2023 20:36:40 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:23 GMT x-amz-cf-pop JFK50-P1 age 1013459 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 3701 x-amz-cf-id X3PjH8K2cNNXQUb3_XYXyw1rOzEObXhX9QqKs2PKeGa55qUAP9TEIQ==
GET H2	200	print-icon.png static.lpcdn.ca/lpweb/mobile/img/ Frame A7B5	1 KB 1 KB	20ms 20ms	Image image/png	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.lpcdn.ca/lpweb/mobile/img/print-icon.png Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash cd387609fa550bb68f521d047df0a8cea3016321e0714444b9459b8c5109e7bf Request headers accept-language en-CA,en;q=0.9 Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 17 Jul 2023 01:23:59 GMT via 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:23 GMT x-amz-cf-pop JFK50-P1 age 823420 x-cache Hit from cloudfront content-type image/png cache-control public,max-age=2628000 accept-ranges bytes content-length 1055 x-amz-cf-id 39sgNm7y3U6GJqsu9iMgTlFUF817m6Pc15MxxcUFuzSCkDHVITaNMg==
GET H2	200	RobotoSerif-500-Normal.woff2 static.lpcdn.ca/fonts/robotoSerif/ Frame A7B5	27 KB 27 KB	59ms 21ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/robotoSerif/RobotoSerif-500-Normal.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash e63c3b67ef8eeb779e6c7f69e96e317d497b1a851ba9d8a58c012802c83377df Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 17 Jul 2023 01:23:59 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 823420 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 27272 x-amz-cf-id E-Si2j81fvvRNxXEIROyhOQEJVbXiUSenSbZU15fV6IYTw6YvfTJsg== expires Wed, 16 Aug 2023 01:23:59 GMT
GET H2	200	Rubrik-Medium.woff2 static.lpcdn.ca/fonts/rubrik/ Frame A7B5	18 KB 19 KB	79ms 42ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/rubrik/Rubrik-Medium.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 5cea7a0a46e4ea964a2d42d6ca2e347ff23f8eaf83d3b8eb54aa3cd96ee1bbb9 Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:38 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889441 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 18588 x-amz-cf-id RCU82E7lHpAvNJ4AC-lEUyfoSFjFijhrt8N0-UEL7o6CWk8ECycZyQ== expires Tue, 15 Aug 2023 07:03:38 GMT
GET H2	200	Rubrik-Regular.woff2 static.lpcdn.ca/fonts/rubrik/ Frame A7B5	18 KB 18 KB	100ms 63ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/rubrik/Rubrik-Regular.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 9b1e8085d927bc7de200f56905ec94d33d1c0c450faa766dab19754cb9cfc578 Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:38 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889441 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 17940 x-amz-cf-id TEUT72wHhb7c4HKYOBXBUyU8R1195kAeeCJat_-mU4rzLpbD7RqXOQ== expires Tue, 15 Aug 2023 07:03:38 GMT
GET H2	200	Verlag-Book.woff2 static.lpcdn.ca/fonts/verlag/ Frame A7B5	18 KB 18 KB	73ms 35ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/verlag/Verlag-Book.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 50030e1cf1d7be1d3080a7caf68057c49ea1a2265beaabe45c98c7244b2e3756 Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:37 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889442 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 18300 x-amz-cf-id Y29oDEdnPNPkiK_jFmSRA26nM2s_cq_oVrDgBr3I4iBpuHHtFQnuKw== expires Tue, 15 Aug 2023 07:03:37 GMT
GET H2	200	Verlag-Black.woff2 static.lpcdn.ca/fonts/verlag/ Frame A7B5	17 KB 17 KB	94ms 57ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/verlag/Verlag-Black.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash d3d486c7e3bd045b501ddbc559be1ec8a1fb68a5a8d2d7fadb2562ddb88e8186 Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:38 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889441 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 17308 x-amz-cf-id xJ1y8tlTovrspxYFTWkX6v0lI_f4GnedpPUyx_nCkx9-q6Z8Yn2jMg== expires Tue, 15 Aug 2023 07:03:38 GMT
GET H2	200	Verlag-Bold.woff2 static.lpcdn.ca/fonts/verlag/ Frame A7B5	18 KB 18 KB	97ms 60ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/verlag/Verlag-Bold.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 24becdf0e263b4503af3fc72edabf21a8df2a948c03c1271bb31ecf922cea28f Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:38 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889441 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 18388 x-amz-cf-id KcVxUS8CrWwH_mKb99kV60wnY5MNeZCxDwIPngbwoREhpoehVk85Gg== expires Tue, 15 Aug 2023 07:03:38 GMT
GET H2	200	Calluna-Light.woff2 static.lpcdn.ca/fonts/calluna/ Frame A7B5	41 KB 41 KB	88ms 51ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/calluna/Calluna-Light.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash ab258e0c74a6102c5388fdeda986c1644fcd43b6eb798e8a3a3e7b8e58fb5824 Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:38 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889441 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 41884 x-amz-cf-id v-nI9uYSaNwTMAIwL8cAxRopSIzzyCz1SWCECXuZyM8-QU5Zbngj5g== expires Tue, 15 Aug 2023 07:03:38 GMT
GET H2	200	Rubrik-Bold.woff2 static.lpcdn.ca/fonts/rubrik/ Frame A7B5	18 KB 19 KB	75ms 38ms	Font font/woff2	108.139.47.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.lpcdn.ca/fonts/rubrik/Rubrik-Bold.woff2 Requested by Host: static.lpcdn.ca URL: https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-79.jfk50.r.cloudfront.net Software / Resource Hash 334a7e3d2c50ba3ba1ee01293971a9a1791d677c8585e29ddfef4ab4c1d923ab Request headers Referer https://static.lpcdn.ca/lpweb/dist/css/storyPageDesktop.bundle.b5baf80858c59a2b7184.css Origin https://12ft.io accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:03:38 GMT via 1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront) last-modified Fri, 14 Jul 2023 16:52:22 GMT x-amz-cf-pop JFK50-P1 age 889441 x-cache Hit from cloudfront content-type font/woff2 access-control-allow-origin * cache-control max-age=2592000, public, immutable accept-ranges bytes content-length 18848 x-amz-cf-id lrYjJwvpYZzKfMShQCDWI2wVRYwO4skdJawczmVszDfLYnFeUFoJew== expires Tue, 15 Aug 2023 07:03:38 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	33ms 32ms	Ping text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-BLV8VETPEP&gtm=45je37o0&_p=1233505044&cid=756688382.1690380459&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1690380458&sct=1&seg=0&dl=https%3A%2F%2F12ft.io%2Fproxy%3Fq%3Dhttps%253A%252F%252Fwww.lapresse.ca%252Faffaires%252Fentreprises%252F2023-07-25%252Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php&dt=12ft%20%7C&en=scroll&epn.percent_scrolled=90&_et=3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BLV8VETPEP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 14:07:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://12ft.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	33ms 33ms	Ping text/plain	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-BLV8VETPEP&gtm=45je37o0&_p=1233505044&cid=756688382.1690380459&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&dl=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2Fentreprises%2F2023-07-25%2Fdesjardins-enquete-sur-un-employe-soupconne-d-avoir-vole-pres-de-3-millions.php&dt=Desjardins%20enqu%C3%AAte%20sur%20un%20employ%C3%A9%20soup%C3%A7onn%C3%A9%20d%E2%80%99avoir%20vol%C3%A9%20pr%C3%A8s%20de%203%C2%A0millions%20%7C%20La%20Presse&sid=1690380458&sct=1&seg=0&en=proxy_view&_c=1&_ee=1&ep.page_host=www.lapresse.ca&epn.content_length_bucket=150000&_et=762 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-BLV8VETPEP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Stony Point, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://12ft.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Wed, 26 Jul 2023 14:07:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://12ft.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer function| rawJS function| docReady object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.12ft.io/	1970-01-20 23:09:00	Name: _ga Value: GA1.1.756688382.1690380459
			.12ft.io/	1970-01-20 23:09:00	Name: _ga_BLV8VETPEP Value: GS1.1.1690380458.1.0.1690380459.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12ft.io
mobile-img.lpcdn.ca
static.lapresse.ca
static.lpcdn.ca
www.google-analytics.com
www.googletagmanager.com
108.139.29.77
108.139.47.79
2607:f8b0:4006:80f::200e
2607:f8b0:4006:820::2008
76.76.21.22
08153ebc7d42d5d97501540301c0762b83fc730e7fe98c3d7d5a3e6d6a4fc43f
1e5bc5e7d9ad9be32c5f9f2baf2dd8f09ba28ce5fc758e3ff5d950a43a784433
24becdf0e263b4503af3fc72edabf21a8df2a948c03c1271bb31ecf922cea28f
334a7e3d2c50ba3ba1ee01293971a9a1791d677c8585e29ddfef4ab4c1d923ab
4685254b748adc1d6f57c2d9b1b67cf9b6d7501d541f29acdb12981594a394c5
50030e1cf1d7be1d3080a7caf68057c49ea1a2265beaabe45c98c7244b2e3756
5cea7a0a46e4ea964a2d42d6ca2e347ff23f8eaf83d3b8eb54aa3cd96ee1bbb9
6273199bfb151add5e28a60e8947529f1e30639aa5c4b96de249896d5e9c82f9
7a60eca89c8c684b921fd907e4025a3f5948537dbfcdbc334134138b8f2aad4a
8eb7acd7dd23fb4531a9b3485312a2a43a42b6a7fd1180c275561d15679dca06
9799589fac6e785e096835be89655693b07f85f95993799053297c3dbba6f3f7
9b1e8085d927bc7de200f56905ec94d33d1c0c450faa766dab19754cb9cfc578
9c221f81130938a9aea113296583f96047dd14b7571b682e8a187066cdf76771
9de61e723f71ecad9e2966704febad3226eeb4b415236246d06ea41f43fad3bf
a24e3a1509e8f1c8fe1c8f6ba5b5437d06a6f22990dd6a18498ee662baa3b4ee
ab258e0c74a6102c5388fdeda986c1644fcd43b6eb798e8a3a3e7b8e58fb5824
b5292ee5c28832f36ee3d1ffe6b87143a29b5de792d071391385d3e7c338bebf
b9fa1e983879d28bdbf5a2a40a51a80bf9550ec8e6b120b773ac76770a4f218a
ba240e4860fc14034e5ca168222bf1c88ba0f381250840c1dce3a399062bfa45
ca26dfb731b05943c2aa32c9e722f94b4a30177a66b74b6b24b2461c79dba9bf
cd387609fa550bb68f521d047df0a8cea3016321e0714444b9459b8c5109e7bf
d3d486c7e3bd045b501ddbc559be1ec8a1fb68a5a8d2d7fadb2562ddb88e8186
de8afcc847e2e8c5379d20daecac604e25cd2bb75509fae2495a91a32a796364
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467e1354ec82b4ff98938872632fde03a71f319cece7f22127259d7ca69ab6a
e62017168d5b4219f4a2011d727d413e5c119d2cb06a4056666acc16ab6cc9a1
e63c3b67ef8eeb779e6c7f69e96e317d497b1a851ba9d8a58c012802c83377df
ed748f1d8bde54b47c50c3389ab131ff86b26157a214275c913e0a1463e425e7
fd04676042eba08b3a5166d9d619fca6f42e49c6bb52342603acacd6ee52c718