urlscan.io logo urlscan.io
SecurityTrails logo

www.lapresse.ca Open in urlscan Pro
52.85.151.86  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-l...
Submission: On April 18 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 4 countries across 60 domains to perform 337 HTTP transactions. The main IP is 52.85.151.86, located in United States and belongs to AMAZON-02, US. The main domain is www.lapresse.ca. The Cisco Umbrella rank of the primary domain is 94679.
TLS certificate: Issued by Amazon on September 16th 2021. Valid for: a year.
This is the only time www.lapresse.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 52.85.151.86 16509 (AMAZON-02)
40 13.32.207.122 16509 (AMAZON-02)
23 104.16.68.69 13335 (CLOUDFLAR...)
1 35.244.223.138 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 23.57.136.222 16625 (AKAMAI-AS)
3 2a03:2880:f01... 32934 (FACEBOOK)
13 52.85.151.50 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 13.32.181.20 16509 (AMAZON-02)
4 34.120.235.16 396982 (GOOGLE-CL...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
6 142.250.80.2 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 151.101.129.208 54113 (FASTLY)
1 2600:9000:201... 16509 (AMAZON-02)
6 35.161.29.14 16509 (AMAZON-02)
2 2606:2800:220... 15133 (EDGECAST)
1 3.67.191.1 16509 (AMAZON-02)
3 54.204.175.169 14618 (AMAZON-AES)
1 142.250.80.70 15169 (GOOGLE)
1 13.249.42.30 16509 (AMAZON-02)
13 23.21.165.102 14618 (AMAZON-AES)
5 24 68.67.179.91 29990 (ASN-APPNEX)
7 2602:803:c002... 26667 (RUBICONPR...)
7 34.199.117.108 14618 (AMAZON-AES)
7 104.94.205.31 16625 (AKAMAI-AS)
7 28 35.244.159.8 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
9 9 35.211.178.172 19527 (GOOGLE-2)
19 25 142.251.32.98 15169 (GOOGLE)
3 3 151.101.2.49 54113 (FASTLY)
1 34.75.117.5 396982 (GOOGLE-CL...)
2 2 185.184.10.30 203690 (RTB-HOUSE...)
1 1 34.232.5.62 14618 (AMAZON-AES)
5 5 207.198.113.176 13768 (COGECO-PEER1)
3 2607:f8b0:400... 15169 (GOOGLE)
6 9 8.43.72.98 26667 (RUBICONPR...)
1 54.187.35.166 16509 (AMAZON-02)
1 1 52.206.220.219 14618 (AMAZON-AES)
1 104.244.42.72 13414 (TWITTER)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 35.170.211.88 14618 (AMAZON-AES)
2 5 54.175.87.114 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2600:9000:219... 16509 (AMAZON-02)
1 1 67.202.105.22 32748 (STEADFAST)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
4 5 2600:1f18:4e9... 14618 (AMAZON-AES)
9 9 52.223.40.198 16509 (AMAZON-02)
6 34.199.129.36 14618 (AMAZON-AES)
5 34 184.29.129.7 16625 (AKAMAI-AS)
6 151.101.129.108 54113 (FASTLY)
3 68.67.179.122 29990 (ASN-APPNEX)
4 2607:f8b0:400... 15169 (GOOGLE)
1 52.205.101.70 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
9 29 52.223.22.214 ()
2 104.127.172.242 ()
3 6 107.178.246.49 ()
6 6 18.213.237.106 ()
6 10 35.190.60.146 ()
4 4 107.178.254.65 ()
3 7 104.18.100.194 ()
6 15 52.46.154.242 ()
1 1 34.98.67.3 ()
6 7 2620:1ec:21::14 ()
2 2 199.38.167.128 ()
3 2620:1ec:c11:... ()
6 6 70.42.32.63 ()
3 3 184.85.195.135 ()
1 1 13.32.207.54 ()
1 2001:4998:14:... ()
1 1 68.67.179.77 ()
1 1 54.234.215.67 ()
2 2 18.214.156.126 ()
1 1 2620:116:800b... ()
2 2 185.167.164.37 ()
2 2 35.211.233.246 ()
1 1 52.54.48.13 ()
2 2 2606:4700:440... ()
337 62
4    52.85.151.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-86.iad89.r.cloudfront.net
www.lapresse.ca
40    13.32.207.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-207-122.iad66.r.cloudfront.net
static.lpcdn.ca
static.lapresse.ca
23    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.districtm.io
cdn.districtm.io
dmx.districtm.io
1    35.244.223.138 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 138.223.244.35.bc.googleusercontent.com
cdn.optable.co
5    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.ca
2    23.57.136.222 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-136-222.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
13    52.85.151.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-50.iad89.r.cloudfront.net
mobile-img.lpcdn.ca
1    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:16e6 (United States)

ASN13335 (CLOUDFLARENET, US)
js.appboycdn.com
4    13.32.181.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-181-20.iad66.r.cloudfront.net
sb.scorecardresearch.com
4    34.120.235.16 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.235.120.34.bc.googleusercontent.com
optable.lapresse.ca
2    2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
6    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    151.101.129.208 (United States)

ASN54113 (FASTLY, US)
sdk.iad-06.braze.com
1    2600:9000:2015:3000:5:18cb:8bc0:21 (United States)

ASN16509 (AMAZON-02, US)
d39kx4ztdxg7cf.cloudfront.net
6    35.161.29.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-29-14.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    3.67.191.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-191-1.eu-central-1.compute.amazonaws.com
fsm.lapresse.ca
3    54.204.175.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-175-169.compute-1.amazonaws.com
lapresse-ca.lapresse.ca
1    142.250.80.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net
ad.doubleclick.net
1    13.249.42.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-42-30.iad89.r.cloudfront.net
weather-api.lapresse.ca
13    23.21.165.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-165-102.compute-1.amazonaws.com
prebid-server.rubiconproject.com
24    68.67.179.91 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
7    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    34.199.117.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-117-108.compute-1.amazonaws.com
tlx.3lift.com
7    104.94.205.31 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-205-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
28    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
lapresse-d.openx.net
u.openx.net
us-u.openx.net
1    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
9    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
25    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.75.117.5 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.117.75.34.bc.googleusercontent.com
dmx.us-east-31.districtm.io
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    34.232.5.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-5-62.compute-1.amazonaws.com
match.sharethrough.com
5    207.198.113.176 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    54.187.35.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-35-166.us-west-2.compute.amazonaws.com
lapress.demdex.net
1    52.206.220.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-220-219.compute-1.amazonaws.com
cm.everesttech.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    35.170.211.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-211-88.compute-1.amazonaws.com
ca-lapresse-main.collector.snplow.net
5    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    2607:f8b0:4006:80a::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2600:9000:2191:d400:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
dp2.33across.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    2600:1f18:4e9:5a05:1b13:1c6e:1524:1b17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
9    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    34.199.129.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-129-36.compute-1.amazonaws.com
prebid-a.rubiconproject.com
34    184.29.129.7 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-7.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
6    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
crcdn01.adnxs-simple.com
cdn.adnxs.com
3    68.67.179.122 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
4    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    52.205.101.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-101-70.compute-1.amazonaws.com
www.summerhamster.com
3    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:2191:ac00:12:1ab1:10c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3q7vxy7usqoub.cloudfront.net
29    52.223.22.214 (None, )

ASN- ()
eb2.3lift.com
2    104.127.172.242 (None, )

ASN- ()
eus.rubiconproject.com
6    107.178.246.49 (None, )

ASN- ()
pixel.tapad.com
6    18.213.237.106 (None, )

ASN- ()
pixel.advertising.com
10    35.190.60.146 (None, )

ASN- ()
id.rlcdn.com
idsync.rlcdn.com
4    107.178.254.65 (None, )

ASN- ()
pippio.com
7    104.18.100.194 (None, )

ASN- ()
p.adsymptotic.com
15    52.46.154.242 (None, )

ASN- ()
s.amazon-adsystem.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
7    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
2    199.38.167.128 (None, )

ASN- ()
p.rfihub.com
3    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
6    70.42.32.63 (None, )

ASN- ()
b1sync.zemanta.com
3    184.85.195.135 (None, )

ASN- ()
stags.bluekai.com
1    13.32.207.54 (None, )

ASN- ()
cm.smadex.com
1    2001:4998:14:800::1000 (None, )

ASN- ()
ads.yahoo.com
1    68.67.179.77 (None, )

ASN- ()
secure.adnxs.com
1    54.234.215.67 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    18.214.156.126 (None, )

ASN- ()
pm.w55c.net
1    2620:116:800b:21:f803:c51b:4d23:ce8c (None, )

ASN- ()
pixel.quantserve.com
2    185.167.164.37 (None, )

ASN- ()
c1.adform.net
2    35.211.233.246 (None, )

ASN- ()
a.sportradarserving.com
1    52.54.48.13 (None, )

ASN- ()
nep.advangelists.com
2    2606:4700:4400::ac40:98f5 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
Apex Domain
Subdomains		 Transfer
52 lpcdn.ca
static.lpcdn.ca — Cisco Umbrella Rank: 214392
mobile-img.lpcdn.ca — Cisco Umbrella Rank: 154701
852 KB
39 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4510
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1106
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3634
ads.rubiconproject.com — Cisco Umbrella Rank: 2630
eus.rubiconproject.com
token.rubiconproject.com
147 KB
36 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 569
eb2.3lift.com
15 KB
35 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 463
ssum.casalemedia.com — Cisco Umbrella Rank: 1353
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
33 KB
33 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
acdn.adnxs.com — Cisco Umbrella Rank: 597
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1309
cdn.adnxs.com — Cisco Umbrella Rank: 1424
secure.adnxs.com
136 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
ad.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
139 KB
28 openx.net
lapresse-d.openx.net — Cisco Umbrella Rank: 304070
u.openx.net — Cisco Umbrella Rank: 709
us-u.openx.net — Cisco Umbrella Rank: 411
5 KB
24 districtm.io
hb.districtm.io — Cisco Umbrella Rank: 118600
cdn.districtm.io — Cisco Umbrella Rank: 1572
dmx.districtm.io — Cisco Umbrella Rank: 1674
dmx.us-east-31.districtm.io — Cisco Umbrella Rank: 21004
29 KB
15 amazon-adsystem.com
s.amazon-adsystem.com
11 KB
14 lapresse.ca
www.lapresse.ca — Cisco Umbrella Rank: 94679
static.lapresse.ca — Cisco Umbrella Rank: 281559
optable.lapresse.ca — Cisco Umbrella Rank: 147643
fsm.lapresse.ca — Cisco Umbrella Rank: 288328
lapresse-ca.lapresse.ca — Cisco Umbrella Rank: 249755
weather-api.lapresse.ca — Cisco Umbrella Rank: 245008
39 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ads.yahoo.com
6 KB
10 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
2 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
5 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
4 KB
8 googlesyndication.com
eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
40 KB
7 linkedin.com
px.ads.linkedin.com
2 KB
7 adsymptotic.com
p.adsymptotic.com
1 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
lapress.demdex.net — Cisco Umbrella Rank: 280929
9 KB
6 zemanta.com
b1sync.zemanta.com
4 KB
6 advertising.com
pixel.advertising.com
2 KB
6 tapad.com
pixel.tapad.com
2 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 snplow.net
ca-lapresse-main.collector.snplow.net — Cisco Umbrella Rank: 160267
959 B
6 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
2 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
3 KB
5 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12925
www.google.ca — Cisco Umbrella Rank: 8069
2 KB
4 pippio.com
pippio.com
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 576
cm.everesttech.net — Cisco Umbrella Rank: 1009
1 KB
4 braze.com
sdk.iad-06.braze.com — Cisco Umbrella Rank: 3484
27 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
5 KB
3 bluekai.com
stags.bluekai.com
3 KB
3 bing.com
c.bing.com
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 624
syndication.twitter.com — Cisco Umbrella Rank: 891
133 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
87 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
932 B
2 adform.net
c1.adform.net
955 B
2 w55c.net
pm.w55c.net
1 KB
2 rfihub.com
p.rfihub.com
2 KB
2 creativecdn.com
us.creativecdn.com — Cisco Umbrella Rank: 2699
697 B
2 cloudfront.net
d39kx4ztdxg7cf.cloudfront.net
d3q7vxy7usqoub.cloudfront.net
26 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 942
8 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
65 KB
1 advangelists.com
nep.advangelists.com
234 B
1 quantserve.com
pixel.quantserve.com
511 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
378 B
1 smadex.com
cm.smadex.com
529 B
1 linksynergy.com
tags.rd.linksynergy.com
358 B
1 summerhamster.com
www.summerhamster.com — Cisco Umbrella Rank: 5501
182 B
1 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3592
99 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 769
441 B
1 33across.com
dp2.33across.com — Cisco Umbrella Rank: 8763
500 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 431
632 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 582
220 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
2 KB
1 appboycdn.com
js.appboycdn.com — Cisco Umbrella Rank: 4998
51 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
64 KB
1 optable.co
cdn.optable.co — Cisco Umbrella Rank: 122530
42 KB
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
337 60
Domain Requested by
39 static.lpcdn.ca www.lapresse.ca
static.lpcdn.ca
29 eb2.3lift.com 9 redirects micro.rubiconproject.com
eb2.3lift.com
25 cm.g.doubleclick.net 19 redirects u.openx.net
eb2.3lift.com
24 ib.adnxs.com 5 redirects micro.rubiconproject.com
acdn.adnxs.com
20 us-u.openx.net 7 redirects u.openx.net
micro.rubiconproject.com
us-u.openx.net
18 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
15 s.amazon-adsystem.com 6 redirects us-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
14 dmx.districtm.io cdn.districtm.io
micro.rubiconproject.com
13 prebid-server.rubiconproject.com micro.rubiconproject.com
www.lapresse.ca
u.openx.net
13 mobile-img.lpcdn.ca www.lapresse.ca
9 match.adsrvr.org 9 redirects
9 x.bidswitch.net 9 redirects
8 cdn.districtm.io hb.districtm.io
cdn.districtm.io
micro.rubiconproject.com
7 px.ads.linkedin.com 6 redirects
7 p.adsymptotic.com 3 redirects us-u.openx.net
eb2.3lift.com
7 lapresse-d.openx.net micro.rubiconproject.com
7 htlb.casalemedia.com micro.rubiconproject.com
7 tlx.3lift.com micro.rubiconproject.com
7 fastlane.rubiconproject.com micro.rubiconproject.com
6 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
6 b1sync.zemanta.com 6 redirects
6 id.rlcdn.com 5 redirects
6 pixel.advertising.com 6 redirects
6 pixel.tapad.com 3 redirects us-u.openx.net
6 js-sec.indexww.com micro.rubiconproject.com
ssum-sec.casalemedia.com
6 prebid-a.rubiconproject.com micro.rubiconproject.com
6 ca-lapresse-main.collector.snplow.net d39kx4ztdxg7cf.cloudfront.net
6 dpm.demdex.net www.lapresse.ca
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.lapresse.ca
5 token.rubiconproject.com 5 redirects
5 pr-bh.ybp.yahoo.com 4 redirects u.openx.net
5 ups.analytics.yahoo.com 2 redirects us-u.openx.net
5 pixel-sync.sitescout.com 5 redirects
4 idsync.rlcdn.com 1 redirects us-u.openx.net
ssum-sec.casalemedia.com
4 pippio.com 4 redirects
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 acdn.adnxs.com micro.rubiconproject.com
4 pixel.rubiconproject.com 1 redirects
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.ca securepubads.g.doubleclick.net
4 sdk.iad-06.braze.com js.appboycdn.com
4 optable.lapresse.ca cdn.optable.co
4 sb.scorecardresearch.com 2 redirects www.lapresse.ca
4 www.lapresse.ca static.lpcdn.ca
3 stags.bluekai.com 3 redirects
3 c.bing.com eb2.3lift.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 nym1-ib.adnxs.com www.lapresse.ca
micro.rubiconproject.com
cdn.adnxs.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sync-tm.everesttech.net 3 redirects
3 lapresse-ca.lapresse.ca static.lpcdn.ca
3 connect.facebook.net www.lapresse.ca
connect.facebook.net
2 a.sportradarserving.com 2 redirects
2 c1.adform.net 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 p.rfihub.com 2 redirects
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ssum.casalemedia.com 2 redirects
2 www.google.com www.lapresse.ca
tpc.googlesyndication.com
2 us.creativecdn.com 2 redirects
2 platform.twitter.com www.lapresse.ca
platform.twitter.com
2 use.fontawesome.com js.appboycdn.com
use.fontawesome.com
2 www.googletagservices.com www.lapresse.ca
securepubads.g.doubleclick.net
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 nep.advangelists.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.yahoo.com
1 cm.smadex.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 d3q7vxy7usqoub.cloudfront.net
1 www.summerhamster.com
1 cdn.adnxs.com micro.rubiconproject.com
1 crcdn01.adnxs-simple.com micro.rubiconproject.com
1 ads.rubiconproject.com securepubads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 u.openx.net micro.rubiconproject.com
1 dp2.33across.com 1 redirects
1 aa.agkn.com 1 redirects
1 www.google.ca www.lapresse.ca
1 stats.g.doubleclick.net www.google-analytics.com
1 eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 syndication.twitter.com platform.twitter.com
1 cm.everesttech.net 1 redirects
1 lapress.demdex.net www.lapresse.ca
1 match.sharethrough.com 1 redirects
1 dmx.us-east-31.districtm.io cdn.districtm.io
1 weather-api.lapresse.ca static.lpcdn.ca
1 ad.doubleclick.net www.lapresse.ca
1 fsm.lapresse.ca static.lpcdn.ca
1 d39kx4ztdxg7cf.cloudfront.net www.lapresse.ca
1 cdn.jsdelivr.net micro.rubiconproject.com
1 js.appboycdn.com www.lapresse.ca
1 www.googletagmanager.com www.lapresse.ca
1 static.lapresse.ca static.lpcdn.ca
1 micro.rubiconproject.com www.lapresse.ca
1 cdn.optable.co www.lapresse.ca
1 hb.districtm.io www.lapresse.ca
0 rtb.mfadsrvr.com Failed eb2.3lift.com
337 102
Subject Issuer Validity Valid
*.lapresse.ca
Amazon		 2021-09-16 -
2022-10-15		 a year crt.sh
*.lpcdn.ca
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
cdn.optable.co
GTS CA 1D4		 2022-02-21 -
2022-05-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-25 -
2022-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
optable.lapresse.ca
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
*.iad-06.braze.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-02 -
2023-04-03		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
fsm.chip.de
R3		 2022-03-02 -
2022-05-31		 3 months crt.sh
forestryjournal-gb.forestryjournal.co.uk
R3		 2022-04-15 -
2022-07-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
ca-lapresse-main.collector.snplow.net
Amazon		 2022-04-03 -
2023-05-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.summerhamster.com
R3		 2022-04-17 -
2022-07-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh

This page contains 29 frames:

Primary Page: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Frame ID: FEBCAE4D114580E1E96606A18FC5CC5F
Requests: 178 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 29BB3A868150C3DC18A4A8D9DF04C16D
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.lapresse.ca
Frame ID: 306B1BBE04C881E0B68859B8E65ABE7B
Requests: 2 HTTP requests in this frame

Frame: https://lapress.demdex.net/dest5.html?d_nsid=0
Frame ID: 72031794D6FC3396F28CA76A538604CF
Requests: 4 HTTP requests in this frame

Frame: https://eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A86EAC9B6A537F16A7C691A738112AC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 7C091163C5A207EEC608250699D9F91E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstc_5vG7UNUvI3vjf-2gl-Z0Thg-zDpZdJrCp-4IwGVz1iPKolIbiwmOO8_6QEoAmRnJRvjVbwN2CCyJrR36A96SMJXTZACTm-7mIO9d3W8vp4z_klsAuIhuChLzCX8enfGyBMMmzYH_oyUImjjNtTCcVPsbymnmVSnVZnRHulJERBURervvqZQv4gBATNknvhLn2Ro0uedCIYOWsZOoN4Yfn97rHp5EN0u_D3qR5qjbj3kdVU6Mf3oKZPZkBSAQYKy8-fpD5f0wP_hIDXUtYEl7dm7ymIEnBu9gXAFQk7m9yKODTYwYaeiHf-n4wmruPTk5g&sai=AMfl-YTCPBDsFdq8c14LvJAhYnioVynn7G3QeasaBV1S4LfMeh4L-LiDJeXdPeleiZ8gIx4_Zt2DQx-HrxTUlF3EWa49Qp28mTbTkH1E-bWu4u7ecZXIVDoHyAfRWL1c2DRG3hYwJZ5la1YTeeVK5IF-&sig=Cg0ArKJSzILcE3YvZhx5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A7B3347418EA42ECF94121F6C1EE9FD4
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10505&pub_id=1955383
Frame ID: E52C174535306BCE629F9ED695883055
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E1E1D363464658932FAE934C260A90A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB99C6024C2B8126C184588488104EBA
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 34AE68EE1521684C9220F0776BFC3905
Requests: 11 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: F45308E8246A5081CDC6EE962FD5F68B
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E3C5FE99B0647A33A6F5AA8C4D9A1710
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B1B1BEC90C6DC005D07AA1D906611323
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D44EC07AE1EF7673D3C1E5FCFFF5C9F
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Frame ID: 7D5129B037FD0916463189C41A440E52
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D21998D35B65F65C4A3DC77AD7F9A2E9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: CBF3483C997448EB04448EEFF150C131
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C249E24AF23DA43A3C9CD016C26E3EEF
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59CAE1E1638F8E61A31827C2AA7AB583
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Frame ID: 2A7404B3841F89235EE40F7BB19BD92D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 4B4796F9FF582F381609A173BB528C0E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5EB4A5EA02921EFC779150B2FB6DD024
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: A9083011A45F1D3375EA97DFFDE86EF4
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 67C5E380E387432F3B1380DCACCEC493
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Frame ID: 58F69AF054BE3710869BC1279D4C2937
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5BBD9957C97FFAA5CAC796469EC308A5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3C821DBBF5A23897A103144C3E50E871
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C2500771EED6A126297808AE6B17EF19
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

600 millions de dollars en cryptomonnaies | Le FBI accuse des pirates liés à la Corée du Nord de vol | La Presse

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • js\.appboycdn\.com/web-sdk/([\d.]+)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

337
Requests

73 %
HTTPS

31 %
IPv6

60
Domains

102
Subdomains

62
IPs

4
Countries

2076 kB
Transfer

5080 kB
Size

57
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://sb.scorecardresearch.com/cs/3005690/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1650287368990&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&c8=600%C2%A0millions%20de%20dollars%20en%20cryptomonnaies%20%7C%20Le%20FBI%20accuse%20des%20pirates%20li%C3%A9s%20%C3%A0%20la%20Cor%C3%A9e%20du%20Nord%20de%20vol%20%7C%20La%20Presse&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1650287368990&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&c8=600%C2%A0millions%20de%20dollars%20en%20cryptomonnaies%20%7C%20Le%20FBI%20accuse%20des%20pirates%20li%C3%A9s%20%C3%A0%20la%20Cor%C3%A9e%20du%20Nord%20de%20vol%20%7C%20La%20Presse&c9=
Request Chain 99
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=27yLRIvbKs4MyLnZYDuLh4qiIy8 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=27yLRIvbKs4MyLnZYDuLh4qiIy8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&google_hm=YTQyNmFkNWQtOTllZi00MzFmLWJhYjMtMmUyMWFhMmI4M2Ux HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJIob6M1z-ac6wD-C5HItXc&google_cver=1&ssp=districtm&bsw_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1 HTTP 302
  • https://dmx.districtm.io/s/10009/a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Request Chain 100
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=Yl1jCQAC5SniWQAZ HTTP 302
  • https://dmx.us-east-31.districtm.io/s/10016/Yl1jCQAC5SniWQAZ&_test=Yl1jCQAC5SniWQAZ
Request Chain 101
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1 HTTP 302
  • https://dmx.districtm.io/s/10027/lF9RiSNv3HK4LbKN0psL?pi=districtm&tc=1
Request Chain 102
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/892d38d7-acad-40ef-aa07-558d0a28a4bb
Request Chain 103
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341
Request Chain 108
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=23098&us_privacy= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=23098&uid=L24QHNTP-6-C126
Request Chain 122
  • https://cm.everesttech.net/cm/dd?d_uuid=42765631858399157960429088872384195218 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yl1jCQAC5SniWQAZ&d_uuid=42765631858399157960429088872384195218
Request Chain 156
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3748492465806001067
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=&verify=true HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-0lkd0ClE2uFhzsubspfPww.t8EWJBbK5~A
Request Chain 178
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=42765631858399157960429088872384195218 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=214080604125009228196
Request Chain 183
  • https://dp2.33across.com/ps/?pid=897&random=1618664913 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=211694453070031&random=1650287370
Request Chain 186
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2646674789086349524&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 187
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yl1jCQAC5SniWQAZ
Request Chain 189
  • https://match.adsrvr.org/track/cmf/openx?oxid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=4154b7b7-5914-45d2-8916-bc157614f00f&ttd_puid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0&gdpr_consent=
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDONxbqtPWAenPOGTMQ7YjY&google_cver=1
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDI3NjU2MzE4NTgzOTkxNTc5NjA0MjkwODg4NzIzODQxOTUyMTg= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECWHEnEjqI5_84BSVHfrLVQ&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 195
  • https://ssum.casalemedia.com/usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=189517&us_privacy=&C=1 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=Yl1jClzpsnrLXV4fjtkjGwAA%26523
Request Chain 230
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 238
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 243
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 247
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
Request Chain 248
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
Request Chain 249
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
Request Chain 250
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMjhiMWFhNjgtNGQ2Yy0wZDJhLTFmMWQtMTg4ZDdmM2YzZWQxEAAaDQiOxvWSBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d0457155ad0180a8bc8f320be32de4ea5dc9df6d1f8ea7edb06e1405cbd527e2791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkMDQ1NzE1NWFkMDE4MGE4YmM4ZjMyMGJlMzJkZTRlYTVkYzlkZjZkMWY4ZWE3ZWRiMDZlMTQwNWNiZDUyN2UyNzkxNDI2YjU0MTdkY2UyMRAAGgwIj8b1kgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkMDQ1NzE1NWFkMDE4MGE4YmM4ZjMyMGJlMzJkZTRlYTVkYzlkZjZkMWY4ZWE3ZWRiMDZlMTQwNWNiZDUyN2UyNzkxNDI2YjU0MTdkY2UyMRAAGgwIj8b1kgYSBAgCEABCAEoA&google_gid=CAESEAFOSMidOb8uIr39GIZPka0&google_cver=1 HTTP 307
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Request Chain 251
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Request Chain 252
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Request Chain 253
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
Request Chain 254
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
Request Chain 255
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
Request Chain 256
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIj8b1kgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIj8b1kgYSBAgCEABCAEoA&google_gid=CAESEAFOSMidOb8uIr39GIZPka0&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=01aa0e95-0f03-4c05-a92c-5ee2454fcce4
Request Chain 257
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Request Chain 258
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Request Chain 262
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
Request Chain 263
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
Request Chain 264
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
Request Chain 265
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
Request Chain 266
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Request Chain 267
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Request Chain 271
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
Request Chain 272
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 274
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
Request Chain 275
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2897a23-717e-43bc-a7e2-b0efb76e42e7&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2897a23-717e-43bc-a7e2-b0efb76e42e7&_noobservation=1&_expected_cookie=2f607f3d797c888e244fd7edc88bda16
Request Chain 276
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2685592278777422609610?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2685592278777422609610&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=997336230561145700&expires=30&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 279
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2685592278777422609610 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Request Chain 280
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=pqn8zASR_eipnWhXuLiW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBYW4OD2IFJVEX3FNFYG4V3ILB2UY2KX&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBYW4OD2IFJVEX3FNFYG4V3ILB2UY2KX HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pqn8zASR_eipnWhXuLiW
Request Chain 281
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
Request Chain 282
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 284
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
Request Chain 285
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=3b6236acae245209c2f590959d865443
Request Chain 286
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2685592278777422609610?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2685592278777422609610&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=4c1b0aa3-c39b-4823-9de4-926d60d18377&expires=10&ssp=triplelift&bsw_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 289
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2685592278777422609610 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Request Chain 290
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=mZTP5MVia9LPGMI1r0YR&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVNFIUBVJVLGSYJZJRIEOTKJGFZDAWKS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVNFIUBVJVLGSYJZJRIEOTKJGFZDAWKS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mZTP5MVia9LPGMI1r0YR
Request Chain 291
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
Request Chain 292
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 294
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
Request Chain 295
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=8b9af35f229f794b5ea92805b4ec2792
Request Chain 296
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2685592278777422609610?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
Request Chain 297
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2685592278777422609610&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Request Chain 299
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2685592278777422609610 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Request Chain 300
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=6hy2N1SQNAcsbMAKyiVQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GZUHSMSOGFJVCTSBMNZWETKBJN4WSVSR&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GZUHSMSOGFJVCTSBMNZWETKBJN4WSVSR HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=6hy2N1SQNAcsbMAKyiVQ
Request Chain 304
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Xqa2pw-M7Cq2CdKpSjlnSsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4984712678805751870
Request Chain 305
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L24QHNRS-10-CGPD
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEII_sKUET7Nj3GyAsBk5BnY&google_cver=1
Request Chain 307
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRlNjRlMGRiZDQ4YzZhOTI3NzBkNWJjZDM4YWM4OWEwMzgxYmNhZg
Request Chain 308
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4154b7b7-5914-45d2-8916-bc157614f00f&gdpr=0&gdpr_consent=&expires=30
Request Chain 310
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0UUhOUlMtMTAtQ0dQRA==
Request Chain 311
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L24QHNRS-10-CGPD&sigv=1&esig=2~a89c6ccaf1dccdcff07d78eb0c98dd0a541ac2e0
Request Chain 313
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1jClzpsnrLXV4fjtkjGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
Request Chain 316
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3748492465806001067
Request Chain 317
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6cdeb50a-ab9c-4e46-9012-b8c5f42865d3&expiration=1681823375
Request Chain 318
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YHNnTtGc1NGr8j5
Request Chain 319
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3ib-hN4n-4bFJv3T2SDmg9wi-9TFI6qBiSc8W0WW
Request Chain 321
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
Request Chain 323
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1jClzpsnrLXV4fjtkjGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
Request Chain 325
  • https://id.rlcdn.com/711587.gif HTTP 307
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Request Chain 326
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=997336230561145700
Request Chain 327
  • https://idsync.rlcdn.com/461886.gif?partner_uid=Yl1jClzpsnrLXV4fjtkjGwAA%26523&&gdpr_consent=&gdpr= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOxVwB91PUyrfB2kvvpjXlw&google_cver=1
Request Chain 328
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3748492465806001067
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
Request Chain 331
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1jClzpsnrLXV4fjtkjGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
Request Chain 333
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
Request Chain 334
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7925317822789085942&expiration=1651496975
Request Chain 335
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0aadc2c8-da25-406b-8a82-cd616934cc3f&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Request Chain 336
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d0e90bee-3f6f-487b-b86f-b93216c09768
Request Chain 337
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=Yl1jClzpsnrLXV4fjtkjGwAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=Yl1jClzpsnrLXV4fjtkjGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287088814094

337 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/ 		183 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-86.iad89.r.cloudfront.net
Software
/
Resource Hash
ec4c80b321ed5d59dc12a4212f7281728bae6b8e923bda8f67a433ce38de81b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
s-maxage=6,must-revalidate
content-encoding
gzip
content-length
28609
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 13:09:28 GMT
permissions-policy
interest-cohort=()
vary
Accept-Encoding
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
x-amz-cf-id
DeiTsBBf2OeXrF4pI7-1disjblXuEa1U4YMLCympgrvpN7iyOuqlyg==
x-amz-cf-pop
IAD89-C3
x-cache
Miss from cloudfront
x-correlation-id
625d630826e869.89564848
x-frame-options
SAMEORIGIN
appStoryDesktop.bundle.36ccda74129c4f349393.js
static.lpcdn.ca/lpweb/dist/js/ 		153 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
ab55c80b468a21ea49127cac5ab92ca836b91106a543a3a2b6ae2f54ce11412f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:06 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598642
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
RaaCVggZaycy__gnFieUFMrh8qmIHJsW3zercFykZvJx0dfdS9Q1zg==
react.production.min.js
static.lpcdn.ca/lpweb/lib/react/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/lib/react/react.production.min.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
7hOk9f2h83Ow2FNUiYF5aXWETLhneMPJKXIJ1q_r27OeM0cR6RAKkA==
react-dom.production.min.js
static.lpcdn.ca/lpweb/lib/react/ 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/lib/react/react-dom.production.min.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:39 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446009
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
HOaWFNpIcnF4YJy_DMjLYgv8i86pw9V6xQHnLr2u5LjfqRYYOCx3zA==
lpca-auth-react.9372c9de76ce32395384a0818ea2ec60.js
static.lpcdn.ca/lpweb/dist/js/ 		320 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/lpca-auth-react.9372c9de76ce32395384a0818ea2ec60.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
98b8710a50aa8d516c849cf111d1b45a06b4405502f14ef6af8ac23e22c90f53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:02 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598646
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
vZrdSpAjVj1anKz4ydDXqGRQN2w_IVa4Xun1HSlEsS4GnKYEuWitcQ==
lpca-auth-react.ccd8941be113acf11958f4b87ac1514a.css
static.lpcdn.ca/lpweb/dist/css/ 		22 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/css/lpca-auth-react.ccd8941be113acf11958f4b87ac1514a.css
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
f250cde45af664b863b0edcd2405c154abd64aed7c7ac07b61fb1f99f4887575

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:06 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598642
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
0TWYsliHIybqeot3v83baY4Z1Wm4vtx5LOKYgm60l6NMliDGAaMrvg==
login.bundle.78d17a6284309cfebdb2.js
static.lpcdn.ca/lpweb/dist/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/login.bundle.78d17a6284309cfebdb2.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
3b0168787d34ab8638d54f25ec5018978846da7cb18784a8bb255af0fc081e33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:06 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598642
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
9gXTYGLa9XJ_U1e22Qp1ytBvos66vrq-hblB411NP8pdKYNImkZwEQ==
merge.100133.js
hb.districtm.io/prod/100133/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.districtm.io/prod/100133/merge.100133.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517310c55e9701db6091fb5e4dbe37ee7bf6b9364a27e0e54d997324c2c8bb8b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
via
1.1 a0d3ee5e8725edd8a5348fb9433fbc30.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1648
cf-polished
origSize=72622
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 30 Jul 2020 20:39:31 GMT
server
cloudflare
etag
W/"e5323f6cb8bc566e9938610092645047"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=43200
x-amz-cf-pop
ATL52-C1
cf-ray
6fdda295296d8cd4-EWR
x-amz-cf-id
8WbSqx_sGtlYkqgQyobgGZTr5Dr7YID6I2EuXDiEzmsQxFGpWHH6fA==
expires
Tue, 19 Apr 2022 01:09:28 GMT
sdk.js
cdn.optable.co/web-sdk/v0.6/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optable.co/web-sdk/v0.6/sdk.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.223.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.223.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d9ef98de23379bca12097fcab0eb9fbc8193fc2a9855199598dc291a0a450b8b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 12:43:43 GMT
age
1545
x-guploader-uploadid
ADPycdvV9tleWAOwHSE1kihZKezXFrKTkWcykJt26n6pehpByFa8-E_WXnPmqJMu66DvLRxS_5rwJeSruyabIRYhER9EqIqnoSKb
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42703
last-modified
Mon, 30 Nov 2020 15:25:51 GMT
server
UploadServer
etag
"00ae1311b5b7fd9a907558d8cd18fe90"
x-goog-meta-optable-sdk-version
v0.6.4
x-goog-hash
crc32c=auiK/A==, md5=AK4TEbW3/ZqQdVjYzRj+kA==
x-goog-generation
1606749951545927
cache-control
public, max-age=3600
x-goog-stored-content-length
42703
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 18 Apr 2022 13:43:43 GMT
sha1encoder.js
static.lpcdn.ca/lpweb/script/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/script/sha1encoder.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
5eda896fbd669382f68454ff2d967dd5c8ba438876b775d5a45997b2cb8d0957

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
7z5P2Rm7v95FDxvmWIO-E5Mb_Vge453cc1MDASzNAEWbWGmFfaY-Fw==
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b573c8cfc5eb5ad392bff14b2eab5acd98eeb8a2d822e6e8e8552f9e69ef69c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28589
x-xss-protection
0
server
sffe
etag
"1190 / 471 of 1000 / last-modified: 1650280021"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Apr 2022 13:09:28 GMT
23098.js
micro.rubiconproject.com/prebid/dynamic/ 		372 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/23098.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
26388d7e63ae0e512ea20d978dd7cbffc1c68e6e2573d713aae072c9b5852fc4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 21:29:37 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-23098_LaPresse_Web.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=14400
content-length
108867
x-trp-pba
{"ruleId":"2","rulePos":0,"ruleName":"Desktop_Tablet","wrapperName":"23098_LaPresse_Web","isPrimary":true,"randomProb":6,"account":23098,"device":"desktop","country":"CA","host":"lapresse.ca","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.lapresse.ca/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36","query":"","ranAt":"2022-04-18T13:09:28.626Z","runId":"1650287368626-637","wrapperPath":"/prebid/23098_LaPresse_Web.js","redirectUrl":"/prebid/get-wrapper/Desktop_Tablet/23098_LaPresse_Web.js"}
expires
Tue, 19 Apr 2022 01:07:28 GMT
m-lapresse.lapresse.js
static.lpcdn.ca/lpweb/common/scripts/ 		332 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/common/scripts/m-lapresse.lapresse.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
4baaa254820b6daef2b169f3cda417efbf6f442ec482f0da0dee98858898d391

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:43 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446005
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
b2SrGHRF0baFBDihwXtYMgLSMc8-w3hEb6TYqsW4n17O_On-9MCTuQ==
componentBraze.bundle.9d4cfd024550a12980e7.js
static.lpcdn.ca/lpweb/dist/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/componentBraze.bundle.9d4cfd024550a12980e7.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
5d30255517408c67473431c1f73cce42236ffb541860d7e6813a51dfad8a0d12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:06 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598642
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
Dl9Vr6ybvViIyWRYlspi5gbKWQoi19teNha1Uw_4DaHKx3JzBDAhtg==
storyPage.bundle.b83a140587e15c308189.css
static.lpcdn.ca/lpweb/dist/css/ 		266 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
939468b91f1a598caa8af8f7680375b9cf537860bf326d3c936a2dffd509fc8b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:06 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598642
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
GnYYEpp1YX6CuAURJiGhu0uY6SQg6yP-GmpBcvQi-ICfMG_yEW6aXA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4350db5fa611e306d165ad0350f059cab2b13abcce5d64ef0cac9108118f6c9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
pvAPQG4f2r6sjz4HQyuk7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
0OIzbT7Ho9ceGs89iYWMuZQMfiMNcQ8luOJWZ1RO442KUCmMwAqzqnZdsqcc3+fjgRtwARoUdsnjut9+eOKD9Q==
x-fb-trip-id
1512268381
x-fb-content-md5
22210db2c112174248cfdf5be97d0983
x-frame-options
DENY
date
Mon, 18 Apr 2022 13:09:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e9d88cc326334cd0575a463674376fc0"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Apr 2022 13:27:40 GMT
la-presse-logo-web.svg
static.lpcdn.ca/lpweb/mobile/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/la-presse-logo-web.svg
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
9de61e723f71ecad9e2966704febad3226eeb4b415236246d06ea41f43fad3bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
j6BJOG4oYDjZ2I0aLRp15De65yAxixuhSEUE0kJaeytS87QFi6Egrw==
logo-lp-line.svg
static.lpcdn.ca/lpweb/mobile/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/logo-lp-line.svg
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
e467e1354ec82b4ff98938872632fde03a71f319cece7f22127259d7ca69ab6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:45 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446003
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
bpUSG_O1jcZ8szf4WYuv7Q8HJUKFPHb5l5exOMqB2X4tInv7c9F2Ag==
f28a508d72b638a8879dc25b3161545c.webp
mobile-img.lpcdn.ca/v2/924x/r3996/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/924x/r3996/f28a508d72b638a8879dc25b3161545c.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fe22ecddd2baea2695484d56ce732ea4bb77adb05dbafc817a15db462c3f5e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 13:09:29 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 22:44:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
etag
"fd27c058e812875de767c5a8f85f10da"
x-cache
Miss from cloudfront
x-amz-version-id
NjZ94V_AWEqhi8waO8Ga5eUEsOJME6jQ
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
content-type
image/webp
content-length
69506
x-amz-cf-id
z437y406jXwoMVy4Dr0em3iK1DOdNmPZPMo4LBJwIFoQ_uTJ6u60kw==
share-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		737 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/share-icon.png
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
b9fa1e983879d28bdbf5a2a40a51a80bf9550ec8e6b120b773ac76770a4f218a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
737
x-amz-cf-id
WQJehjF42-BRXekLLDaCevW26_E4Q7DD-HSRQJwjXccAmYUwg_Gh9Q==
rubrik.css
static.lapresse.ca/fonts/rubrik/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.lapresse.ca/fonts/rubrik/rubrik.css
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/lpca-auth-react.ccd8941be113acf11958f4b87ac1514a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
ba240e4860fc14034e5ca168222bf1c88ba0f381250840c1dce3a399062bfa45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:39 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446009
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
wdN22j8wJ5Dg_aaF19P4ipC46sumOrv-8487N_K2dXy3RMnXIgad2w==
gtm.js
www.googletagmanager.com/ 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MP8JVMP
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d0b406b2e4ba081649443ea0069bcddfd89bd67c4e2d33b4c576b2b78a85e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65069
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 13:09:28 GMT
appboy.min.js
js.appboycdn.com/web-sdk/3.4/ 		189 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.appboycdn.com/web-sdk/3.4/appboy.min.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0541499190c257a83eb557812148f5bce92574373eda8555b3c0fa5163df3cd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3691
x-amz-server-side-encryption
AES256
x-amz-request-id
24NYJJ60DSHZK9BM
x-amz-id-2
VRuFnRfhqlaakJQ9dhHYUaq0mP0t7jR6+kKksk4/5eD07jDq8B9fQ+2qd1R8y956TByaPMPrjDg=
last-modified
Thu, 07 Oct 2021 22:27:51 GMT
server
cloudflare
etag
W/"dc7ece658aaaa661ce9baebfcf0a7416"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
6fdda295cc5f4bd0-YUL
expires
Mon, 18 Apr 2022 17:09:28 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/3005690/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Server
13.32.181.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-181-20.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:00:02 GMT
via
1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
etag
"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
567
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
IAD66-C2
accept-ranges
bytes
content-length
3690
x-amz-cf-id
TwT0cVjXD3FrDO0Gzw6B31XCYHWt0DX-l6U27yHzwOni-bBJwTTImg==

Redirect headers

location
/internal-cs/default/beacon.js
date
Mon, 18 Apr 2022 13:09:28 GMT
via
1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
content-length
0
x-amz-cf-id
D-eykImcHm8d7eWwtZqKm8e8Nk_ZxHKVoD-W1-55LNPDxHJnMPZkYA==
x-cache
Miss from cloudfront
sdk.js
connect.facebook.net/fr_FR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/fr_FR/sdk.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a4dcd5e1129cf02c658dd50a54ac91914f1ea53509a393dc75f1a4f392b62063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7evbPA3Gu69uiOcm3em/dQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 18 Apr 2022 13:23:30 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
b30AMoBkh3TCpRg3gVNC+4GnOIGlKEW8ZLU5hmcj9PeaygCyfT0BX0e3690aiR8wmkWb6m1ALdoCeRNTwpNjzA==
x-fb-trip-id
1512268381
x-fb-content-md5
92ee947978960b43dafa4400f5f8c016
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Apr 2022 13:09:28 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"8e7f8c8a97e92390b0cf02af7bda4546"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
facebook-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/facebook-icon.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
b5292ee5c28832f36ee3d1ffe6b87143a29b5de792d071391385d3e7c338bebf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 13:23:32 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Wed, 13 Apr 2022 11:56:59 GMT
age
431156
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
2426
x-amz-cf-id
Gbkj7iAIAfhVRe3duHR3bRgQYdgvLP7lab4fYwUHueM5rztUBkzFGA==
twitter-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/twitter-icon.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
8eb7acd7dd23fb4531a9b3485312a2a43a42b6a7fd1180c275561d15679dca06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
3245
x-amz-cf-id
h1EeQ4_jsJ_6HiDbALZI49Q7mRPZBXWyqlAyoqzTaxsXKdSxfw4mhA==
linkedin-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/linkedin-icon.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
7a60eca89c8c684b921fd907e4025a3f5948537dbfcdbc334134138b8f2aad4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:43 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446005
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
2673
x-amz-cf-id
_h-tNbGYHjHJUEzlaazlQGpeZkiIxeurYd-lZI9peVlC1cJMV1_UFA==
instagram.png
static.lpcdn.ca/lpweb/mobile/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/instagram.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
08153ebc7d42d5d97501540301c0762b83fc730e7fe98c3d7d5a3e6d6a4fc43f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
4129
x-amz-cf-id
ip1H_iwFOA44Vq5o9lz0jUrh_d2jp0jlqUL_1r7w6hd22q8pWh6Gxg==
pinterest-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/pinterest-icon.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
cf94621194b49d5d19ba1a2ae457775f42d4a05f676d76c8a42996ff01fcc2d1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:40 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446008
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
1888
x-amz-cf-id
9ioouG9LO1tPqFkz-kLES4dcVUdvJb_0KfxCnu_1bYbWtaMi2y9uAA==
MuseoSlab-700.woff2
static.lpcdn.ca/fonts/museoSlab/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/museoSlab/MuseoSlab-700.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
246eb714db7565cf5da65b96b8f18e7e061d13907fc658916ec53091b40393dd

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:43 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482005
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
19288
x-amz-cf-id
P6y8jGUkGA20gJUlqc575J19HFscvyuJk2M97psRXcR_k_-54GJPaQ==
expires
Tue, 19 Apr 2022 19:42:43 GMT
Rubrik-Regular.woff2
static.lpcdn.ca/fonts/rubrik/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-Regular.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
9b1e8085d927bc7de200f56905ec94d33d1c0c450faa766dab19754cb9cfc578

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:43 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482005
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
17940
x-amz-cf-id
qWCWmRVhWlWPWBIUvO1cpvVxW8eB_qYiaVbKIuxNnQ3pw099tFZE5g==
expires
Tue, 19 Apr 2022 19:42:43 GMT
identify
optable.lapresse.ca/lapresse/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optable.lapresse.ca/lapresse/identify?cookies=yes&osdk=web-v0.6.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.235.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.235.120.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin
https://www.lapresse.ca
access-control-max-age
43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Apr 2022 13:09:28 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
targeting
optable.lapresse.ca/lapresse/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optable.lapresse.ca/lapresse/targeting?cookies=yes&osdk=web-v0.6.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.235.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.235.120.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin
https://www.lapresse.ca
access-control-max-age
43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Apr 2022 13:09:28 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
identify
optable.lapresse.ca/lapresse/ 		2 B
19 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optable.lapresse.ca/lapresse/identify?cookies=yes&osdk=web-v0.6.4
Requested by
Host: cdn.optable.co
URL: https://cdn.optable.co/web-sdk/v0.6/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.235.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.235.120.34.bc.googleusercontent.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
via
1.1 google
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
targeting
optable.lapresse.ca/lapresse/ 		14 B
31 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optable.lapresse.ca/lapresse/targeting?cookies=yes&osdk=web-v0.6.4
Requested by
Host: cdn.optable.co
URL: https://cdn.optable.co/web-sdk/v0.6/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.235.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.235.120.34.bc.googleusercontent.com
Software
/
Resource Hash
c4215ea05ec0cacec7034528057b0d62014cd9cecec1c7100fd68f9c6d5d35a2

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
via
1.1 google
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
truncated
/ 		292 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed748f1d8bde54b47c50c3389ab131ff86b26157a214275c913e0a1463e425e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
Rubrik-Medium.woff2
static.lpcdn.ca/fonts/rubrik/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-Medium.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
5cea7a0a46e4ea964a2d42d6ca2e347ff23f8eaf83d3b8eb54aa3cd96ee1bbb9

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:42 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482006
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18588
x-amz-cf-id
GFm7sdbQWV5O5cLhZxggoV-MD0IJheggslICbYCaPWmwo-yFZ316kA==
expires
Tue, 19 Apr 2022 19:42:42 GMT
Verlag-Book.woff2
static.lpcdn.ca/fonts/verlag/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/verlag/Verlag-Book.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
50030e1cf1d7be1d3080a7caf68057c49ea1a2265beaabe45c98c7244b2e3756

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:42 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482006
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18300
x-amz-cf-id
teNMqaTNfN60sOLkoWeAnRgOB6GQAt2L0QtlvDUk8IGIx92831LxUg==
expires
Tue, 19 Apr 2022 19:42:42 GMT
Rubrik-SemiBold.woff2
static.lpcdn.ca/fonts/rubrik/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-SemiBold.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
99ac816b389ee1637433b4b96ab4ec0d7a96677760c74267860a76de52556799

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:40 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482008
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18612
x-amz-cf-id
jq8e810dLu0TZlgc7EP8uOyEFVRD4lwzz7R4P_xMlik1EuVog8UsQw==
expires
Tue, 19 Apr 2022 19:42:40 GMT
index.html
cdn.districtm.io/ids/ Frame 29BB 		116 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: hb.districtm.io
URL: https://hb.districtm.io/prod/100133/merge.100133.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
46640
cf-cache-status
DYNAMIC
cf-ray
6fdda2960b388cd4-EWR
content-encoding
br
content-type
text/html
date
Mon, 18 Apr 2022 13:09:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
x-amz-cf-id
fFouWJJNVRh9dkYXOQ66rc3y01yUQGRpV8yf0J4lnJniKLl4ueXh0w==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
copylink-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/copylink-icon.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
9c221f81130938a9aea113296583f96047dd14b7571b682e8a187066cdf76771

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 17:31:26 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 19:11:56 GMT
age
157082
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
3701
x-amz-cf-id
DVDm7rhBn7kFYSBjh6LKCcKOBxL1lj2My0kQ8FGu8oiwjV9RDZAz_g==
print-icon.png
static.lpcdn.ca/lpweb/mobile/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/mobile/img/print-icon.png
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
cd387609fa550bb68f521d047df0a8cea3016321e0714444b9459b8c5109e7bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 05:42:42 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2446006
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
1055
x-amz-cf-id
6fd4aQp0PPkd6g3zD2Ix_zKIlCbTHZldHpGQcGFbn67X--lOPq3VLQ==
Verlag-Black.woff2
static.lpcdn.ca/fonts/verlag/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/verlag/Verlag-Black.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
d3d486c7e3bd045b501ddbc559be1ec8a1fb68a5a8d2d7fadb2562ddb88e8186

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 08:56:28 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:30:37 GMT
age
447180
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
17308
x-amz-cf-id
2jRT0AYpi7ZiH9euJbhp53gc0L6-aSpMVqRQWVwHtOnFgoD8tr8YqA==
expires
Fri, 13 May 2022 08:56:28 GMT
Verlag-Bold.woff2
static.lpcdn.ca/fonts/verlag/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/verlag/Verlag-Bold.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
24becdf0e263b4503af3fc72edabf21a8df2a948c03c1271bb31ecf922cea28f

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:42 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482006
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18388
x-amz-cf-id
wLRwXLwB0QKTD7J6nVdwiAkX3Ym1oGLj-9uTzBq8fK7dnSF3WIoJUw==
expires
Tue, 19 Apr 2022 19:42:42 GMT
Rubrik-Bold.woff2
static.lpcdn.ca/fonts/rubrik/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-Bold.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
334a7e3d2c50ba3ba1ee01293971a9a1791d677c8585e29ddfef4ab4c1d923ab

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:42 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482006
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18848
x-amz-cf-id
xc5yThn6Xpzf43GPEkrjDeAQ8LEVfu8DPhcKFsXqX9fGWDuCa0iqiA==
expires
Tue, 19 Apr 2022 19:42:42 GMT
Calluna-Light.woff2
static.lpcdn.ca/fonts/calluna/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/calluna/Calluna-Light.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
ab258e0c74a6102c5388fdeda986c1644fcd43b6eb798e8a3a3e7b8e58fb5824

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:41 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:17:59 GMT
age
2482007
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
41884
x-amz-cf-id
eYymkKLr8JdnM0HccZ6tuM4tFWIUQ06HkogAc4_xM4D-cJnWHJ9Zmw==
expires
Tue, 19 Apr 2022 19:42:41 GMT
2753866e37383650b2d59ad91c0dcdfb.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/2753866e37383650b2d59ad91c0dcdfb.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c5ca94e4440f2d1c890475696805b80db7fa07a9fc8b16e7e8202caa5ae692c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 13:08:38 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 13:01:04 GMT
server
AmazonS3
age
51
etag
"b2f26f06a9b9dd1bcada1fd62606c9d2"
x-cache
Hit from cloudfront
x-amz-version-id
3LdHnRKtlSM0xIDQd9RbfuJh0mqfQV4m
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
16114
x-amz-cf-id
DvFxSA6hByyDXXBhRp5jEwPZCSZ78RtjxqnO0U_X38G8WEsvgUJI1g==
5eef4db75f3d3d89a9b0d73996b3c754.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/5eef4db75f3d3d89a9b0d73996b3c754.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f345c5eba45299fc4c711ecfa92a5376e6e9aa1aa11f7acc298c9c38cff9333f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 12:06:17 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 12:01:22 GMT
server
AmazonS3
age
3792
etag
"384568ad52124bc1401a15057de38863"
x-cache
Hit from cloudfront
x-amz-version-id
y6Wp3J.D9.435tyr3tZfDkR.mYfHEcBf
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
8764
x-amz-cf-id
fq8OxDQR-ZgaNOP_K0jImPVN6ME9hclyiH5X3DRezhB7gUcxLzjCqQ==
sdk.js
connect.facebook.net/en_US/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7b6c4fa79ae3f606ac604c90804b9ab4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1bb7bd21c82b57eaeff560f32e76de5b43c213a7e395d32fb51d5699282bfb08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lapresse.ca/
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
A4cpe0m+HROGO6DVDGiMNg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84315
x-fb-rlafr
0
x-fb-debug
wjJAGITgYwYbJwfvsJvYf8lscE9FkHXeJ8ePO/ONFsbkzY4rGVQgypdgs3alx+zVQwC28SGm8CR4HjhqQ4jNqQ==
x-fb-content-md5
abcfeb53ed3e3005f0f028782158d99f
x-frame-options
DENY
date
Mon, 18 Apr 2022 13:09:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ce8009acb8b623f1425b35bb1426d9c3"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 18 Apr 2023 12:14:47 GMT
49358ebe5f5c343084cead73b922e87b.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/49358ebe5f5c343084cead73b922e87b.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dd611ead5c6fcb9b5f54cd5d2a1e92d08b2941cc0ecc18e39e24ba027d1cd64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 11:19:13 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Thu, 23 Dec 2021 15:05:37 GMT
server
AmazonS3
age
6616
etag
"a7820332e0f0b8311bbbe61c17a5719d"
x-cache
Hit from cloudfront
x-amz-version-id
UYEsHJQQtkpnbevI930nRloZexXehuvn
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
8820
x-amz-cf-id
LhdE6JYS0SEbkLZJvDVnPyKAraHaBFD6eLxt7S015vdiaYL9kAnpBg==
c331ec46115a382b835d5eae0a0763d6.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/c331ec46115a382b835d5eae0a0763d6.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae8ad1d8d59139e432ab1e7b2cd140482897ae2725ccb13099e79172ba5d69b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 10:35:42 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 10:34:15 GMT
server
AmazonS3
age
9227
etag
"c3f7050555c6ba565504bafef3e968f1"
x-cache
Hit from cloudfront
x-amz-version-id
xzjoWEeRQ2xH2hSFxicJ65LG8vtn8nnu
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
10970
x-amz-cf-id
cbPZ7IEl1um2XTfnWPSTKAYapwG9NCEYUfQp6vHqLYh2jcnuBtrWeQ==
9aec4b49a33b380c8b7f7aafec468788.webp
mobile-img.lpcdn.ca/v2/357x/r3996/d8ba6abd/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/d8ba6abd/9aec4b49a33b380c8b7f7aafec468788.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60d8ce6da085b6780e03223b932112acebbf6e949125f66f59c4093eb55cffe7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 10:20:52 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 10:00:33 GMT
server
AmazonS3
age
10117
etag
"a3febbb9e39b16e882748b0ef37f8942"
x-cache
Hit from cloudfront
x-amz-version-id
_ykqJtg8F9oJSmYiRgRfQlKgahgANFIg
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
5202
x-amz-cf-id
x4Ok1gEfpOjp3HJKCgDck4mh_wENz_i3bS--AgBDi9gI3dQ-RKBKzg==
74937009082337688418ab33f01b54ac.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/74937009082337688418ab33f01b54ac.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba657f58e8d57ad9aa7fb2066eb645fd3069dc1441b66fe93c1a9c3dda4b2c00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 09:33:34 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 09:03:19 GMT
server
AmazonS3
age
12955
etag
"e1de89d8c7fa0bafb5f9554a69e2afaa"
x-cache
Hit from cloudfront
x-amz-version-id
znr4OmzU548UFkCrfPy6QDW3JOcwF6Xe
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
4096
x-amz-cf-id
Cnqh3s40ZfyENnDW5Jp8cSZpjwbWKjwOZdQioNLkDCC2XI37ImJbqw==
7f85a56ba4.css
use.fontawesome.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7f85a56ba4.css
Requested by
Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.4/appboy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7087
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BVYXP7TCNFR50PYS
x-amz-id-2
DdOS9d1GSH/ri7hZhFHYSqtGqtDkGOREUYdttsn4BXyek+dIPg7cV0/+tIRrFDJAReqnW6gCIwc=
last-modified
Wed, 30 Jun 2021 21:14:33 GMT
server
cloudflare
etag
W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnzqqxFdHgjQ8nyXbYkVDDM%2F6vcJ9YXT4sI51qWjuC0X1XXQpLmK%2BliRfQSJRro1d%2F%2FwO9gWIYBvzCszVLlHA45RiBKGbimw7p5t%2BcTKt3HptLU0tecTIjLv5SPX7WK2njBCD1dAzwEFGZQgGGJTygVL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
6fdda2977f794bd0-YUL
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Apr 2023 00:18:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		176 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lapresse.ca
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
f2fcd55bdc5ecd10984851ed5f12d098f5a994f57562bc0d8cc77e2bbe13c8a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123
x-xss-protection
0
expires
Mon, 18 Apr 2022 13:09:28 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220418
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3113f69bb04f4800ae206915ee9ca4970d6141040a035a8d9f95bbcbd2cd678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36511
x-jsd-version
1.0.1314
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19121-FRA, cache-itm18825-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-kdQhJwMK6yD7ryCGeRKGJ3ik1wM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hfG472vE%2FGydo9LCkwaBk%2B0i3%2FiHAerGjBf9e2XyXy7E2%2B1Do%2FyGAMyZOHfFw6eK0yN30f8qPMOM1HCZmmN%2FmTrG%2FmsGMjnQhwNZhI%2B5NPRR0PzrmxiqSCAXjq%2BEg4EzeKF7Rk3QcHbIyK1ll0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6fdda297eed07136-YUL
access-control-expose-headers
*
45e087a187ab3897ae912711326bb65a.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/45e087a187ab3897ae912711326bb65a.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d26f1ac92124c77f1e72f8ba2d879c2c5a4f91a6721f4b5f33ae8fb0309bbf79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 03:36:57 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 03:33:00 GMT
server
AmazonS3
age
34352
etag
"5f9e10e9b064b71aa34354b40697b1b6"
x-cache
Hit from cloudfront
x-amz-version-id
PIY15THE.twVF3bg9eqtYzV1BYQ7buwg
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
4042
x-amz-cf-id
NJd3j6KxaoPatgkiQqs-IV4m6oZco_yB31zknrqn7Yb_GctWqExwlg==
4e7e2eac9b103fcf83fa807447a5db71.webp
mobile-img.lpcdn.ca/v2/357x/r3996/5a188c3a/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/5a188c3a/4e7e2eac9b103fcf83fa807447a5db71.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06750c68194e94052e0208593948e7c4b1df48fbca94f4bdfe6379ef2f6df8cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 17 Apr 2022 20:53:16 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Sun, 17 Apr 2022 20:00:30 GMT
server
AmazonS3
age
58573
etag
"e7c094a220485d066fb61d50968104ae"
x-cache
Hit from cloudfront
x-amz-version-id
2mcw2R1k0kzM1hf_9zNll5aHWu0_v0Ld
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
18028
x-amz-cf-id
H4Y7AT3Lrb4F0rwPLkhwg6eB_vpGtAd1wewJShZ-Tb7ajKk5quI5rg==
e78ede832bb83f80a95bd4c806683770.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/e78ede832bb83f80a95bd4c806683770.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23e826df4ca1aecfb11e58ea8a162cd84a41f389c46baf708925e581ba1775de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
tWD0_g5TT86KUvne40_5RdzJ4VAp074e
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
etag
"c43ed1bd4334b93ccab30cf17fd029c9"
last-modified
Sun, 17 Apr 2022 11:01:48 GMT
server
AmazonS3
age
7220
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=604800, immutable
date
Mon, 18 Apr 2022 11:09:09 GMT
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-length
5862
x-amz-cf-id
xeqOgWAdS-P-6_8X6M0va7WgtIh5pu3Q_XoyoPjtdnDDVPeHwypZFA==
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 29BB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:28 GMT
via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
89334
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6fdda297ef868cd4-EWR
x-amz-cf-id
BpyDbToyYei3igJS0-btMIwCNyxpUBqSub_ItWYhLo4ODW1F01WY8w==
expires
Wed, 20 Apr 2022 13:09:28 GMT
/
sdk.iad-06.braze.com/api/v3/data/ 		133 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-06.braze.com/api/v3/data/
Requested by
Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.4/appboy.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cbab4d04bc5903e30d522b8555c687f2448747555cd1a291c6baa804b191b296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json
accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
X-Requested-With
XMLHttpRequest

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
access-control-max-age
7200
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
34ba587f-6420-4614-94ec-8fb50049f4a4
x-served-by
cache-yul12821-YUL
x-runtime
0.102753
server
nginx
x-timer
S1650287369.054159,VS0,VE124
etag
W/"cbab4d04bc5903e30d522b8555c687f2"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
via
1.1 varnish
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
x-cache-hits
0
/
sdk.iad-06.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-06.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Mon, 18 Apr 2022 13:09:29 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1650287369.027433,VS0,VE15
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.fontawesome.com/7f85a56ba4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24685324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K7K0THYQ96VNEJP7
x-amz-id-2
rU/viUmgijuqli49HvCaXbrtIiMj5zQGFnS2WqhEgix7uS9L0RUR7kqVRw89/FXc+PfAJfy/Kdc=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY9Q0HyvuoktGnVvuJzz9qnuCdOF459oJUn0Y4Gy7uwdnOwjrLLWHsOagM7vUWdqGn93KM9Bxili9XQB6dPZOtyDwn5UwRU7bFZvmGE7wRcwqVREVZKj%2B6r0Q6tuxaz%2B89QdQ9VVfMgoyd42DzZG6TGr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6fdda29848b04bd0-YUL
Sentinel-Bold.woff2
static.lpcdn.ca/fonts/sentinel/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/sentinel/Sentinel-Bold.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
c46883da0c8fe7082a9fda3abd13b1607161b0c41ed014a78329d467fa7c5a2b

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:40 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482008
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18920
x-amz-cf-id
EAjkeEO2AriWayEOE3V_kmjJQaCM8f2AHHCynRGML2T2PDXSzSp_Lg==
expires
Tue, 19 Apr 2022 19:42:40 GMT
Sentinel-Book.woff2
static.lpcdn.ca/fonts/sentinel/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/sentinel/Sentinel-Book.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
c80674bb9706bfdc22434bb40754797ad2509c46549ed5745a21d4bc2f14f5a6

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:44 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482004
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
18540
x-amz-cf-id
SBoYdBSfDDK1w5IhigAjE8_24IV2zSWweluszvCyZXHWrKUw8akfng==
expires
Tue, 19 Apr 2022 19:42:44 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1650287368990&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryp...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1650287368990&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cry...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1650287368990&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&c8=600%C2%A0millions%20de%20dollars%20en%20cryptomonnaies%20%7C%20Le%20FBI%20accuse%20des%20pirates%20li%C3%A9s%20%C3%A0%20la%20Cor%C3%A9e%20du%20Nord%20de%20vol%20%7C%20La%20Presse&c9=
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Server
13.32.181.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-181-20.iad66.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
via
1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
x-amz-cf-id
u5-E6q4TyVw2U5o3ft2dibWTPFvu60qFzYSDwcnVfPIZyGKfpi1Lsg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=3005690&cs_it=b2&cv=3.8.0.210223&ns__t=1650287368990&ns_c=UTF-8&c7=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&c8=600%C2%A0millions%20de%20dollars%20en%20cryptomonnaies%20%7C%20Le%20FBI%20accuse%20des%20pirates%20li%C3%A9s%20%C3%A0%20la%20Cor%C3%A9e%20du%20Nord%20de%20vol%20%7C%20La%20Presse&c9=
date
Mon, 18 Apr 2022 13:09:29 GMT
via
1.1 8bc02eb70fbe9b20b0505e49467df014.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
content-length
0
x-amz-cf-id
gGg0JqKTpmriLllf6i29zYFcy0Ec4rVwQk4TQkSBL6GAfYsTlZtgbg==
x-cache
Miss from cloudfront
anAToiMg0Lcc86KIzJLMi45LjA.js
d39kx4ztdxg7cf.cloudfront.net/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39kx4ztdxg7cf.cloudfront.net/anAToiMg0Lcc86KIzJLMi45LjA.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2015:3000:5:18cb:8bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 19:59:58 GMT
content-encoding
gzip
last-modified
Thu, 29 Mar 2018 06:17:39 GMT
server
AmazonS3
age
148172
etag
"ca3734b973941d7734d9116b823f868b"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 96bbdd3a7f25156daf49a9ffc457edcc.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
25747
x-amz-cf-id
ir81ZMIz1IdT-8mR2l8aiWJewEEF-REuXTwBjrG0ZPq5XNo7KX4qrQ==
id
dpm.demdex.net/ 		887 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=842235765AFA9B840A495D4A%40AdobeOrg&d_nsid=0&ts=1650287369012
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.29.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-29-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f624b9b965b9e523920e2b07afc097427a5477c58013ee33dab9aa80477f1350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v028-051b5b64f.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
f9ngDwYZSkU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
524
Expires
Thu, 01 Jan 1970 00:00:00 UTC
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0C) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
929
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 12:38:34 GMT
Server
ECS (nyb/1D0C)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
buyers
dmx.districtm.io/s/v1/ Frame 29BB 		482 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d397108208666f938462411789d0183271407c800b21c9dfdeedd62600097c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda298a93e8cd4-EWR
access-control-allow-headers
Origin, Content-Type
www.lapresse.ca
fsm.lapresse.ca/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fsm.lapresse.ca/www.lapresse.ca
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/common/scripts/m-lapresse.lapresse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.191.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-191-1.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
07cd227ab474a1200ca4e88416c5eec10f0deeb523cc6acc75605c030eebd837

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
cache-control
max-age=259200, public
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
*
content-type
application/javascript
get_site_data
lapresse-ca.lapresse.ca/ 		198 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-ca.lapresse.ca/get_site_data?account_id=1057&href=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&requestUUID=b0609cce-b1f2-4c1e-b4a2-8d77012e1357-1650287369085
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/common/scripts/m-lapresse.lapresse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.175.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-175-169.compute-1.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
0d004688c894ca15df2457a3527f2298e631915591060943334b31adc5a51d2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
x-sp-mms-node
ip-10-128-17-239
server
Jetty(9.4.2.v20170220)
strict-transport-security
max-age=15552000; includeSubdomains
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.lapresse.ca
cache-control
max-age=2592000
access-control-allow-credentials
true
;ord=1650287369112
ad.doubleclick.net/ddm/ad/pvdala/uvwwht/eecjpfy/qqupyjurzj/yn/ 		43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/ad/pvdala/uvwwht/eecjpfy/qqupyjurzj/yn/;ord=1650287369112?
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1827
weather-api.lapresse.ca/weather/cities/ 		1 KB
930 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://weather-api.lapresse.ca/weather/cities/1827
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.42.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-42-30.iad89.r.cloudfront.net
Software
/
Resource Hash
d160d02181f20589275bbcb383d5300c69a4ab370bfc9b79b4eeec8c9f25de10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
x-correlation-id
625d6309495ca0.56132462
x-amz-cf-pop
IAD89-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Location
cache-control
no-cache, private
x-cache
Miss from cloudfront
content-encoding
br
access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
x-amz-cf-id
FqoJdZS1cWunmrJe7mcFIjI_fXqpOzU9ZhGSZ8RaH0SvvUCj3DODlQ==
via
1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront)
now
www.lapresse.ca/webparts/trending/4/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lapresse.ca/webparts/trending/4/now
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-86.iad89.r.cloudfront.net
Software
/
Resource Hash
2e9882f993a11f198b9e2ab401157cb989995321796ab99ea2a358e5df869686
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:27 GMT
content-encoding
gzip
age
2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
cache-control
s-maxage=6,must-revalidate
permissions-policy
interest-cohort=()
x-correlation-id
625d630736c2a6.16289143
x-amz-cf-pop
IAD89-C3
x-robots-tag
noindex
content-length
1927
x-amz-cf-id
KoJBVhoDYdhnzdKzKum_LohL5gK-E8ojEh1BBN6NTbEsWCG0-dVZ0Q==
34d05e595a6da5bae659bd.bundle.js
static.lpcdn.ca/lpweb/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/34d05e595a6da5bae659bd.bundle.js
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
e2d20ec3a0597f3e62105614471728cec8ebbbac6734d69f9b080299e63404a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:08 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598641
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
4_xO31STUsTV8KCEGuPCvTDI_4NCdoQZNWGd9DmOxiP3aeoEos0WIA==
31d05e595a6da5bae659bd.bundle.js
static.lpcdn.ca/lpweb/dist/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/31d05e595a6da5bae659bd.bundle.js
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
661f1e31a2bc6aa9cd8768897c810929c069c2843ec43687de13fbf3313f33a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:08 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598641
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
MhAHNlgLUaz78p-rOLrtdcpxHSp6PFkuSHjej8xQdf3l2xeQwPHjzQ==
33d05e595a6da5bae659bd.bundle.js
static.lpcdn.ca/lpweb/dist/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/lpweb/dist/js/33d05e595a6da5bae659bd.bundle.js
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
f3a6eb4fe2d425ab192314b31cd7df720126cc095050fcccb552c9f611940500

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 14:52:08 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Mon, 11 Apr 2022 14:35:12 GMT
age
598641
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
s-maxage=2628000,max-age=300,must-revalidate
x-amz-cf-pop
IAD66-C1
content-encoding
br
x-amz-cf-id
DqBZl2_DCDSJ7mHkmob5sjYknofhxXdoURfA5b_370zrLf8walngaQ==
6f0d1fb9e5ff359fb72e580da30b9d69
www.lapresse.ca/trending/4/ 		20 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lapresse.ca/trending/4/6f0d1fb9e5ff359fb72e580da30b9d69
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-86.iad89.r.cloudfront.net
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
br
x-amz-cf-pop
IAD89-C3
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
permissions-policy
interest-cohort=()
x-correlation-id
625d63092b0d65.65748728
x-robots-tag
noindex
x-amz-cf-id
GCEQyNwjUPi07LWOnk6XttZ8sc8P8KlPY9T2WTpApx65_gJALPbPDQ==
cookie_sync
prebid-server.rubiconproject.com/ 		1 KB
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
e171fe37b2d1df70943a2394b05b89eee6461b567d0c3e976702441df86eae9e

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
515
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		204 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
ff115de13b78301a98b4b805874f47cfa1ec0aecadeb11c723cc257a7b1d4bb9

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
187
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bbad4b8cca5825aaf37ec9e26b3b382dc3dbed8be33468dc054482d5d7dba052
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2bfdbed6-7217-4738-ada3-06c04556ad41
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda2999bb48cd4-EWR
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e43a3df064a39618e1ab9be6897b9d54cae721a409a77615c80f1630d45ec06d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce064e1a-e0c0-4763-b915-5f62d8841c28
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		357 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=b8705778-543a-4ad0-a901-aa4d9532d753&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2149764618731278
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6d970b71308477cbe85d7e95f9a27c9afefc62c02fd83cc2790fbdb672653956

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
357
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22200a233abadda27%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A5%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226aebc01e45dcbd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e098b78823dc25629ef63339839072348ef02d7f638cc1d0aadbb0adb7d8d78c

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
arj
lapresse-d.openx.net/w/1.0/ 		173 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b8705778-543a-4ad0-a901-aa4d9532d753&nocache=1650287369222&aus=728x90%2C970x250&divids=headerpos1-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
373cb6dcfcbcf42158b4fa7aebae4eefa0c6adba106f0afb1ca5de4b98a815f6

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		203 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
58126d4bd262e4620e0603fcfd2a5faf1b060d5f4c17b252308ff6b0b46f51ea

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
187
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22390d532593ec6e5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A11%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245f510b7ed6edf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ebcf563dc54c8e7c031b0287a82322808038e9458ab17bfef16925596a458f3

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
auction
tlx.3lift.com/header/ 		19 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=2&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=8c97dc08-cdd0-4402-b8ee-5f8edf7373dc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.34361239717805914
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
849093d3a294d5ad60cb9af46fdd6cfe4bafec7c9b80a93ca004c4b5685c41b2

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
333
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a23b4c0d340b6ca52e350d956c0acc158fa755404dbe5816f110472a6e4bf1c3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f59e2cf-072b-4e25-89f4-b2bf6a359ad6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		137 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
98e4e1368808bb6ca705cebb935a15e1a7f2bd0e6fbbf92e0df2e2e8fdf3e889
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5e759c24-b790-4705-825e-024a24a9d80e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
lapresse-d.openx.net/w/1.0/ 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8c97dc08-cdd0-4402-b8ee-5f8edf7373dc&nocache=1650287369243&aus=728x90&divids=ad625d63082b844-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
8226d47eec9155ef81b7bde9a99588000b6fdee2aa8566f3a2ab35ffdc672ad5

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda299dc268cd4-EWR
access-control-allow-headers
origin, content-type
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
a426ad5d-99ef-431f-bab3-2e21aa2b83e1
dmx.districtm.io/s/10009/ Frame 29BB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=27yLRIvbKs4MyLnZYDuLh4qiIy8
  • https://x.bidswitch.net/ul_cb/sync?ssp=districtm&user_id=27yLRIvbKs4MyLnZYDuLh4qiIy8
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&google_hm=YTQyNmFkNWQtOTllZi00MzFmLWJhYjMtMmUyMWFhMmI4M2Ux
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJIob6M1z-ac6wD-C5HItXc&google_cver=1&ssp=districtm&bsw_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
  • https://dmx.districtm.io/s/10009/a426ad5d-99ef-431f-bab3-2e21aa2b83e1
92 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10009/a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3cb8d9ec0863e9e6f3b9952b38c3d4a2d13b9b016b66387e5310da04279afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 18 Apr 2022 13:09:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6fdda29d3bfe8cd4-EWR

Redirect headers

Location
//dmx.districtm.io/s/10009/a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Date
Mon, 18 Apr 2022 13:09:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Yl1jCQAC5SniWQAZ&_test=Yl1jCQAC5SniWQAZ
dmx.us-east-31.districtm.io/s/10016/ Frame 29BB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/1477?redir=https%3A//dmx.us-east-31.districtm.io/s/10016/$%7BTM_USER_ID%7D&_test=Yl1jCQAC5SniWQAZ
  • https://dmx.us-east-31.districtm.io/s/10016/Yl1jCQAC5SniWQAZ&_test=Yl1jCQAC5SniWQAZ
95 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.us-east-31.districtm.io/s/10016/Yl1jCQAC5SniWQAZ&_test=Yl1jCQAC5SniWQAZ
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Server
34.75.117.5 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.117.75.34.bc.googleusercontent.com
Software
/
Resource Hash
f0a99c7545437e028b02c1f0cc958715b10c1855d3fc324cebe064c7944ae2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-length
95
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650287369.427318,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://dmx.us-east-31.districtm.io/s/10016/Yl1jCQAC5SniWQAZ&_test=Yl1jCQAC5SniWQAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
lF9RiSNv3HK4LbKN0psL
dmx.districtm.io/s/10027/ Frame 29BB
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://us.creativecdn.com/cm-notify?pi=districtm&tc=1
  • https://dmx.districtm.io/s/10027/lF9RiSNv3HK4LbKN0psL?pi=districtm&tc=1
76 B
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10027/lF9RiSNv3HK4LbKN0psL?pi=districtm&tc=1
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df801b185b8aba39ef4e5f1ade3535d69b5103348ff38d039a3972490ce3de72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 18 Apr 2022 13:09:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6fdda29bc81a8cd4-EWR

Redirect headers

location
https://dmx.districtm.io/s/10027/lF9RiSNv3HK4LbKN0psL?pi=districtm&tc=1
pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT, Mon, 18 Apr 2022 13:09:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
892d38d7-acad-40ef-aa07-558d0a28a4bb
dmx.districtm.io/s/10059/ Frame 29BB
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/892d38d7-acad-40ef-aa07-558d0a28a4bb
92 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10059/892d38d7-acad-40ef-aa07-558d0a28a4bb
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61508aea870a5836cb30629bea43f82944a1cdd7aef1858840da929df632acaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 18 Apr 2022 13:09:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6fdda29b1ed78cd4-EWR

Redirect headers

location
https://dmx.districtm.io/s/10059/892d38d7-acad-40ef-aa07-558d0a28a4bb
date
Mon, 18 Apr 2022 13:09:29 GMT
content-length
0
159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341
dmx.districtm.io/s/10001/ Frame 29BB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=96
  • https://dmx.districtm.io/s/10001/159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341
106 B
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/10001/159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3964e54fa3f7291aaf676f53b783a805a9afdd99d0383f3d9383a291ce74c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Mon, 18 Apr 2022 13:09:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6fdda29bc81d8cd4-EWR

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:28 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MP8JVMP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1533
date
Mon, 18 Apr 2022 12:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 18 Apr 2022 14:43:56 GMT
sync
sdk.iad-06.braze.com/api/v3/content_cards/ 		85 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-06.braze.com/api/v3/content_cards/sync
Requested by
Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.4/appboy.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8f0cf644204f8535299988641c75229b2a639ec67f31af2515642e624aebee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
X-Braze-DataRequest
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json
accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
X-Requested-With
XMLHttpRequest
X-Braze-ContentCardsRequest
true

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
access-control-max-age
7200
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
0b741e9b-e8ef-4f8a-ba6f-52aaf9d23cdd
x-served-by
cache-yul12821-YUL
x-runtime
0.021419
server
nginx
x-timer
S1650287369.350823,VS0,VE37
etag
W/"a8f0cf644204f8535299988641c75229"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
via
1.1 varnish
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
x-cache-hits
0
sync
sdk.iad-06.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-06.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Mon, 18 Apr 2022 13:09:29 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1650287369.324690,VS0,VE15
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame 306B 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.lapresse.ca
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D15) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
425846
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Apr 2022 13:09:29 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 13 Apr 2022 12:15:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D15)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=23098&us_privacy=
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=23098&uid=L24QHNTP-6-C126
86 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=23098&uid=L24QHNTP-6-C126
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=23098&uid=L24QHNTP-6-C126
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		203 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
e83c3c9efaebd33130583cc52d7a1c45d3e6394bc3e817b0b47118e0d35c6fa6

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
188
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2268ef21a42497a9c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A17%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274cd94ebc971617%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dac95d1c7d0868b967c94ae9286452cc3997dcb75702af2cbb99083d693db884

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c4af7b9143734d605e39076e4eb1ac4dcec36306088165bd5d978ad0085ffe3d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0d5cc5b-2bd4-432c-9b1a-a178206aab10
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		337 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=2&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=6b94b6e6-d1c3-459a-a981-fa9c4119e089&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5806305089596902
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5d342b26325fd79aa27f7a5502e58b8e3ace5e8b85cb530d2bb05fb71751ed1d

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
337
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
lapresse-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6b94b6e6-d1c3-459a-a981-fa9c4119e089&nocache=1650287369358&aus=728x90&divids=ad625d63082c3c5-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
3aa3e3d51f2bc3abbd25d0f772b38f4ac5f5a08a5ebab2e707226a1879320632

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5fb9f7ed4dc065e3eabcc61d85fabe2ae063cdf18c1407ad9ad66e0aebc9e698
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a840c4bd-8282-4e76-b75d-48e714263a52
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda29a9db68cd4-EWR
access-control-allow-headers
origin, content-type
Verlag-XLight.woff2
static.lpcdn.ca/fonts/verlag/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/verlag/Verlag-XLight.woff2
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
bac2e52762088b462c7ae6dff6fa381d1c0e42514af3d09775b64a7f47951920

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:44 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482005
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
17388
x-amz-cf-id
HLw4d8RZpMrc0p0zRV9g1ciEmH8EolCKyikPqvm1Yor_EoXM3WsInw==
expires
Tue, 19 Apr 2022 19:42:44 GMT
today
www.lapresse.ca/webparts/trending/4/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.lapresse.ca/webparts/trending/4/today
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/js/appStoryDesktop.bundle.36ccda74129c4f349393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-86.iad89.r.cloudfront.net
Software
/
Resource Hash
cb90be8137438dd46a830662e1f7f9208072736e0dc2bbb85b053758db93f1de
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:24 GMT
content-encoding
gzip
age
5
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
via
1.1 8d6071bd169bbf5fd46638140132b1d0.cloudfront.net (CloudFront)
cache-control
s-maxage=6,must-revalidate
permissions-policy
interest-cohort=()
x-correlation-id
625d630412fc41.05558046
x-amz-cf-pop
IAD89-C3
x-robots-tag
noindex
content-length
1929
x-amz-cf-id
gTbW8dAEWMjFxe1h9_9Dg2_28W1cuKGrr_n-0h1tlCLmzwUeHnBM4Q==
b3b78f22-8e7e-11ea-b33c-02fe89184577.webp
mobile-img.lpcdn.ca/v2/357x/r3996/34c55be0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/34c55be0/b3b78f22-8e7e-11ea-b33c-02fe89184577.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
173078d535d76a1a59b63c2c734f84b85b1fb25dff383364a172ef4c911cbfe4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
YDbbMWDP8Xc5hw9gst9TmdSvS25qSrI.
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
etag
"b5b799fd31814834b86a3ebab2982656"
last-modified
Sun, 24 Oct 2021 10:30:57 GMT
server
AmazonS3
age
68926
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=604800, immutable
date
Sun, 17 Apr 2022 18:00:44 GMT
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-length
2774
x-amz-cf-id
H6gn2zUNF0htOQ1nK1uY2dilC7AmyzngQHpUr7BKpxD-_uFKPjgsVA==
dest5.html
lapress.demdex.net/ Frame 7203 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lapress.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.35.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-35-166.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v028-0b77890f8.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
tYnHSuUjSa4=
content-encoding
gzip
date
Mon, 18 Apr 2022 13:09:29 GMT
last-modified
Wed, 13 Apr 2022 14:59:52 GMT
transfer-encoding
chunked
vary
accept-encoding
id
dpm.demdex.net/ 		887 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=842235765AFA9B840A495D4A%40AdobeOrg&d_nsid=0&d_mid=43023320713292330080367603811747975670&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=lapresse_crm%01c73c4960-bf18-11ec-a9da-bd5beaa7670d%011&ts=1650287369413
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.29.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-29-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d362cd1471dbed84ed7f8eceede9d9f0a11e1cc511e7dea338f89c3b3f4c54de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v028-008721093.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ghq57yszSTQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
523
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=411&dpuuid=Yl1jCQAC5SniWQAZ&d_uuid=42765631858399157960429088872384195218
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=42765631858399157960429088872384195218
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yl1jCQAC5SniWQAZ&d_uuid=42765631858399157960429088872384195218
0
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yl1jCQAC5SniWQAZ&d_uuid=42765631858399157960429088872384195218
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Server
35.161.29.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-29-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-08ee4731b.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
Ho4YEOFXRZM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yl1jCQAC5SniWQAZ&d_uuid=42765631858399157960429088872384195218
Date
Mon, 18 Apr 2022 13:09:29 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
auction
prebid-server.rubiconproject.com/openrtb2/ 		203 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
f9c4765c061c38e936b5999e2e7630787b616e07e71d0d0a3096c998b6712001

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
188
expires
0
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda29afe8a8cd4-EWR
access-control-allow-headers
origin, content-type
arj
lapresse-d.openx.net/w/1.0/ 		173 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=82011b45-202c-4197-b291-8fcb75c980bb&nocache=1650287369425&aus=728x90&divids=ad625d63082cf0c-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
8009cb491f0d11e9ed2ba1a9cef551ab165e1b0530c64b1ee41f145efe30b940

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a6ca578227915ccb7c94bf948770521b06f2f3f3287416fb61087a5d0c0462b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4c8a27ff-5edf-4646-b003-c5e998f421c7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210546799ae2655c6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A23%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211116c81dce7d133%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3275604aa8f298c6db216b047048bfa0d8c6b80c5f1b1714276e6f013d6608c8

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		337 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=2&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=82011b45-202c-4197-b291-8fcb75c980bb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9160222794572126
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bf84456b8409baeba959a34d245627782a706867591fcedfb44e8d353637eac4

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
337
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
77d01d19a9f870f70f0203d361bff73d0e28f8cbd924ff2a850eaec5e604a355
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fcae2b23-65dd-4902-a8cb-01a79a2b93bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c.png
static.lpcdn.ca/lpweb/lapresse/img/meteo/icone_une/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.lpcdn.ca/lpweb/lapresse/img/meteo/icone_une/c.png
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
a745b501bcbab9a4d025e75e61877ce85114a5253c25ea75082c41fbda37c100

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 11:30:09 GMT
via
1.1 4e3880ea97e52abcc2c96cf65b515f10.cloudfront.net (CloudFront)
last-modified
Wed, 06 Apr 2022 12:37:27 GMT
age
610760
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public,max-age=2628000
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
1334
x-amz-cf-id
dh8fWvAYwxCuWN-Svw5GtRl8SLC_XEpvnbFzsZbeB0Ozdp1jEN4FDg==
auction
prebid-server.rubiconproject.com/openrtb2/ 		203 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
85f16a549845ce8fad1a4fb2449b4b58b603ef65c173f9000e5468acb9d591be

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
189
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		337 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=2&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=45377fe9-9ed2-4e0a-9707-a99b029b4aca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.406541163863372
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d40b62025b1f215731a53416765c99fd66a7ba2e3effc9fd65c871da7045ac69

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
337
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
622d17b02731b2bce231bf2449f8d28f6ac57d66afca3748ab2a907f88c96c92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa8ae0eb-15da-45a5-8940-c0017660682c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
lapresse-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=45377fe9-9ed2-4e0a-9707-a99b029b4aca&nocache=1650287369505&aus=728x90&divids=ad625d63082daa0-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
186cb283aa7c5fd62ed21f5777ef3877b0efc23ca26f558ee57f297c8b7f8c47

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda29b7f7f8cd4-EWR
access-control-allow-headers
origin, content-type
cygnus
htlb.casalemedia.com/ 		38 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221360abd247bd3aba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A29%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221428eaa12d751294%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
569b73ce0d118a4e0ee9ab13fb07c3c37fa181d6467e2c0924c1b86429a51058

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
77dd4344740659eff375fa0110b782fbba46a5be0e0c332aaa3a94334968187a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b56a1beb-fea8-498b-86f2-945a1372c8df
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=766059987&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ul=en-us&de=UTF-8&dt=600%C2%A0millions%20de%20dollars%20en%20cryptomonnaies%20%7C%20Le%20FBI%20accuse%20des%20pirates%20li%C3%A9s%20%C3%A0%20la%20Cor%C3%A9e%20du%20Nord%20de%20vol%20%7C%20La%20Presse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1254818557&gjid=423082492&cid=1565221256.1650287370&tid=UA-2513326-39&_gid=421913844.1650287370&_r=1&gtm=2wg4d0MP8JVMP&cd2=article&cd4=desktop&z=635149517
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 306B 		170 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f3191a59531b42c42f2f3eb037edff4daea2bac4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.lapresse.ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
73d215ca413e00af49c2aac191e0c1222767ace69ffc18330cfa628c356b1ef5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
6
date
Mon, 18 Apr 2022 13:09:28 GMT
content-encoding
gzip
last-modified
Mon, 18 Apr 2022 13:09:29 GMT
server
tsa_b
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
89ea286a5fee36d65aff22d723b8163d696b56701865d3a3d641dda05f650da9
content-length
144
auction
prebid-server.rubiconproject.com/openrtb2/ 		203 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
e478825a20956f3a8db69e678e93dde9fa56e623913abe1e09a2a574767c490f

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
188
expires
0
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
59c2dcbc65cbef0ae4fdfd578b8a7ff58acc133938c04024141b9f6825b4170b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8530753d-d066-43dc-899c-087c4c923304
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda29bf8a08cd4-EWR
access-control-allow-headers
origin, content-type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		358 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=695df480-83a4-4ac8-9211-b7491b7e531b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.919821814910496
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ec52a76e85955e8f96a6e3ade8d4e61c3cf475705ace7815a7e61cd917d0408

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
358
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3c67fb6d21875ff35b3774b2325d3690739226b4f28cd5b523a9d5804621ded5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 18 Apr 2022 13:09:29 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5ded7e5b-a794-45c4-b41b-9d6db20399ec
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221653986ca141d691%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A34%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216712aa12f0bdbad%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6bfc38b69259f55ceb2381e9ba89d28e7692f270caa695da72022ca13f30d80f

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
arj
lapresse-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=695df480-83a4-4ac8-9211-b7491b7e531b&nocache=1650287369594&aus=300x250%2C300x600&divids=ad625d63073a395-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
0ab44da9546990b3346fd6aa079cc04e2ccef74614b7e4b000b6ace2c201152b

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
67290ae6ec1b37d0bddaf4da7be09cc5.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/67290ae6ec1b37d0bddaf4da7be09cc5.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4de31f7c7a597261b433a2c345c948996685fab0ee4abe6bbcc59ba7b2096bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 18 Apr 2022 02:28:51 GMT
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
last-modified
Sun, 17 Apr 2022 09:02:48 GMT
server
AmazonS3
age
38439
etag
"77b8a0a6a28be95c250fbe86197c3209"
x-cache
Hit from cloudfront
x-amz-version-id
fCQ.FBTyaPEBuskIHFW9euIWFCx8wdzT
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-type
image/webp
content-length
11276
x-amz-cf-id
_wQn8wba0kC8M7Py9mfZODBTQg-Ekl4EQ_44CIEuOubDfkXqAM0ptw==
fb50362236cc3faaa8888b897d2f1f4e.webp
mobile-img.lpcdn.ca/v2/357x/r3996/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mobile-img.lpcdn.ca/v2/357x/r3996/fb50362236cc3faaa8888b897d2f1f4e.webp
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-50.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09aa4c6ef4da4b84a025461bca4967ea5a7cfc621dd79387699c3cb7a370afdd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
CxFWK_kjhiRGawcjwlT4zJGiVU4BOrce
via
1.1 10a9e9969f05a75cc05e6f70b8499f7e.cloudfront.net (CloudFront)
etag
"2bc3bf8e3310ae8a14b44d5df2747f2f"
last-modified
Wed, 30 Mar 2022 10:30:26 GMT
server
AmazonS3
age
59014
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=604800, immutable
date
Sun, 17 Apr 2022 20:45:56 GMT
x-amz-cf-pop
IAD89-C3
accept-ranges
bytes
content-length
8162
x-amz-cf-id
tuNMWW-3H9Kw9kAbvIn3cro_KFuoOlnv9mD6Ks_VRaHYwrR5xD_UeA==
ads
securepubads.g.doubleclick.net/gampad/ 		559 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3083784062253390&correlator=425131756693541&eid=31065518&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=21686484267%2CLPCA%2CLPCA_Affaires&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x250%7C970x415&fluid=height&ifi=1&adks=2152390878&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=position%3Dpos1%26pageBlock%3Dheader&eri=1&cust_params=articleId%3D6f0d1fb9e5ff359fb72e580da30b9d69%26suptitle%3D600-millions-de-dollars-en-cryptomonnaies%26publicationDate%3D2022-04-14%26microtheme%3Daccident%252Cbnc%252Cukraine%26sectionName%3Daffaires%26typePage%3Darticle%26pageView%3Ddesktop%26pathUrl%3Dwww.lapresse.ca%252Faffaires%252F2022-04-14%252F600-millions-de-dollars-en-cryptomonnaies%252Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%26userId%3D736eee07c796900f12241445e15988e9e25a46e9%26platform%3Dlpca%26deviceInstanceIdHash%3D736eee07c796900f12241445e15988e9e25a46e9%26isLogged%3Dfalse%26optable%3D&ppid=736eee07c796900f12241445e15988e9e25a46e9&sc=1&cookie_enabled=1&abxe=1&dt=1650287369649&lmt=1650287369&dlt=1650287368212&idt=968&biw=1600&bih=1200&adxs=436&adys=31&ucis=1&oid=2&hl=fr&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x30&msz=728x30&fws=512&ohw=0&ga_vid=1565221256.1650287370&ga_sid=1650287370&ga_hid=766059987&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
05cd1116afa11dc2f13b29580dc1cc53f74f85b8b3b3d90ffda5ff473c7208da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
277
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A86 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 13:09:29 GMT
expires
Tue, 18 Apr 2023 13:09:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3748492465806001067
86 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3748492465806001067
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
adcd5093-c33c-4331-8985-b0dbe7c014f5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=3748492465806001067
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		205 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
2dc02691e408070230271f3d8c0a553eeeb94a62d06aac20aa55e38ba19479db

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
187
expires
0
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.11.0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tmax=2000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.117.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-117-108.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
x-auction-status
7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		358 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23098&site_id=377832&zone_id=2084858&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&tg_i.aupname=%2F21686484267%2FLPCA%2FLPCA_Affaires&tg_i.pbadslot=%2F21686484267%2FLPCA%2FLPCA_Affaires&tk_flint=dmpbjs_v6.11.0&x_source.tid=5043c138-507b-4fb9-833c-34a3c22cf5ce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2609910775490736
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
732897ea45f2975319e20dabc39dece68c41a399ffee63264e6c86ec530d1c94

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
358
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
lapresse-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5043c138-507b-4fb9-833c-34a3c22cf5ce&nocache=1650287369670&aus=300x250%2C300x600&divids=ad625d630415579-adSlotLppos&aucs=%252F21686484267%252FLPCA%252FLPCA_Affaires&auid=544029523
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
ca82094deb9c694d98cc5100b4aa02c7800c307c348124004d1bc260a1009c80

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.lapresse.ca
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d4a5654f84073dbe56eccb4541665ded0761004906eacc0edc9b37258f5733b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:29 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4ac28b89-7141-4790-8ac6-46646e521549
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=661253&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221927de30a50a5a19%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22err%22%3A%7B%222%22%3A39%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22194962b760d4b5ee%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22661253%22%2C%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21686484267%2FLPCA%2FLPCA_Affaires%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.94.205.31 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-205-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bdacdc46e7b9d5c234190045f385abfe9af5eed84635d0fd00ca9319ec6da780

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.181], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
38
x-ak-client-geo
19
expires
Mon, 18 Apr 2022 13:09:29 GMT
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 13:09:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.lapresse.ca
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda29c89f78cd4-EWR
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa541c89d81f39ec58fd001737774f1c9b34222ef93ae6038c4ab788882dbf23
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 18 Apr 2022 13:09:29 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bc79b0f4-172b-4e5a-a20e-dc80c3d8b38e
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2513326-39&cid=1565221256.1650287370&jid=1254818557&gjid=423082492&_gid=421913844.1650287370&_u=YEBAAEAAAAAAAC~&z=1136548384
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Apr 2022 13:09:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.211.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-211-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.lapresse.ca
access-control-max-age
5
content-length
0
date
Mon, 18 Apr 2022 13:09:29 GMT
server
nginx
truncated
/ 		539 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf0714c8a65a93adfd9b25e551d1b0e1bf2167a72cbfefb3baab24a13ba0536

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
tp2
ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d39kx4ztdxg7cf.cloudfront.net
URL: https://d39kx4ztdxg7cf.cloudfront.net/anAToiMg0Lcc86KIzJLMi45LjA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.211.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-211-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.lapresse.ca
date
Mon, 18 Apr 2022 13:09:29 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Rubrik-SemiBold.woff
static.lpcdn.ca/fonts/rubrik/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-SemiBold.woff
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
bd81fc897dcd430d6e6646357b912943aaa0d3a1bcd87068980566584ddebf23

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:44 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482005
x-cache
Hit from cloudfront
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
26040
x-amz-cf-id
5RP3MxUby7_QhRH118_H2O4ZbhLo9mK2h3-LOthf1E9fzt1eARKXpw==
expires
Tue, 19 Apr 2022 19:42:44 GMT
Rubrik-Light.woff
static.lpcdn.ca/fonts/rubrik/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-Light.woff
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
2bb8f9a0e279d3e95b0b19a17ba73f354279f1352aef6acb4fc190c58ed82cc6

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 19:42:42 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Fri, 18 Mar 2022 13:18:00 GMT
age
2482007
x-cache
Hit from cloudfront
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
25800
x-amz-cf-id
m36KYuHSc3R7GH8A-ayl3GqqLihtc2bRYCwqriGL_CM0Yrgd-JLewA==
expires
Tue, 19 Apr 2022 19:42:42 GMT
Rubrik-Regular.woff
static.lpcdn.ca/fonts/rubrik/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.lpcdn.ca/fonts/rubrik/Rubrik-Regular.woff
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.207.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-207-122.iad66.r.cloudfront.net
Software
/
Resource Hash
16b7888898abf64320bc050b8b5d6130512009e4cd3bc7a79c4aa7fef86dd1b5

Request headers

Referer
https://static.lpcdn.ca/lpweb/dist/css/storyPage.bundle.b83a140587e15c308189.css
Origin
https://www.lapresse.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sat, 16 Apr 2022 05:29:22 GMT
via
1.1 7610b91e2653cd801af5fb6517906ed4.cloudfront.net (CloudFront)
last-modified
Thu, 14 Apr 2022 19:11:55 GMT
age
200407
x-cache
Hit from cloudfront
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=2592000, public, immutable
x-amz-cf-pop
IAD66-C1
accept-ranges
bytes
content-length
25688
x-amz-cf-id
VQe64ne5bTZal7SSyks8jUICWDSuI8tknPuaIlFF2P9vZCK8lINf6g==
expires
Mon, 16 May 2022 05:29:22 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=&verify=true
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-0lkd0ClE2uFhzsubspfPww.t8EWJBbK5~A
86 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-0lkd0ClE2uFhzsubspfPww.t8EWJBbK5~A
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=yahoossp&uid=y-0lkd0ClE2uFhzsubspfPww.t8EWJBbK5~A
date
Mon, 18 Apr 2022 13:09:29 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2513326-39&cid=1565221256.1650287370&jid=1254818557&_u=YEBAAEAAAAAAAC~&z=1812652652
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2513326-39&cid=1565221256.1650287370&jid=1254818557&_u=YEBAAEAAAAAAAC~&z=1812652652
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3083784062253390&correlator=3945010463180763&eid=31065518&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fif&iu_parts=21686484267%2CLPCA%2CLPCA_Affaires&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600&fluid=height&ifi=2&adks=4228789897&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=position%3Dpos1%26pageBlock%3Dright-col%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.79%26hb_adid%3D20476c9becd93a6%26hb_bidder%3Dappnexus&eri=1&cust_params=articleId%3D6f0d1fb9e5ff359fb72e580da30b9d69%26suptitle%3D600-millions-de-dollars-en-cryptomonnaies%26publicationDate%3D2022-04-14%26microtheme%3Daccident%252Cbnc%252Cukraine%26sectionName%3Daffaires%26typePage%3Darticle%26pageView%3Ddesktop%26pathUrl%3Dwww.lapresse.ca%252Faffaires%252F2022-04-14%252F600-millions-de-dollars-en-cryptomonnaies%252Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php%26userId%3D736eee07c796900f12241445e15988e9e25a46e9%26platform%3Dlpca%26deviceInstanceIdHash%3D736eee07c796900f12241445e15988e9e25a46e9%26isLogged%3Dfalse%26optable%3D&ppid=736eee07c796900f12241445e15988e9e25a46e9&sc=1&cookie_enabled=1&abxe=1&dt=1650287369835&lmt=1650287369&dlt=1650287368212&idt=968&biw=1600&bih=1200&adxs=1110&adys=1162&ucis=2&oid=2&hl=fr&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x46&msz=300x30&fws=0&ohw=0&ga_vid=1565221256.1650287370&ga_sid=1650287370&ga_hid=766059987&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
7d181314e260d6ead0f68e3bbe9a702afae592fc3b9fe3f82fca933d3ad443c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9504
x-xss-protection
0
google-lineitem-id
5619551710
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339665904
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lapresse.ca
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=21&dpuuid=214080604125009228196
dpm.demdex.net/ Frame 7203
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=42765631858399157960429088872384195218
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=214080604125009228196
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214080604125009228196
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Server
35.161.29.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-29-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lapress.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v028-0dab4bbc5.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9JwFVX/DRCs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
via
1.1 f2c051917a765f1d1a1cd2ce1622adb8.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
IAD89-C1
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214080604125009228196
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
E99HMAWpPchuvlGz-Ieg1cpxA4pBsLi31u0L8_fdw6t5ID3cWDalMQ==
expires
0
users
dmx.districtm.io/s/v1/ Frame 29BB 		0
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdda29e4ee58cd4-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.districtm.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-max-age
14400
cf-cache-status
DYNAMIC
cf-ray
6fdda29ddd448cc5-EWR
date
Mon, 18 Apr 2022 13:09:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lapresse.ca
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ibs:dpid=601&dpuuid=211694453070031&random=1650287370
dpm.demdex.net/ Frame 7203
Redirect Chain
  • https://dp2.33across.com/ps/?pid=897&random=1618664913
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=211694453070031&random=1650287370
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211694453070031&random=1650287370
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Server
35.161.29.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-29-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lapress.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-0d18bae01.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lGXyrq+/S5E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
200004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211694453070031&random=1650287370
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cm
u.openx.net/w/1.0/ Frame 7C09 		821 B
821 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
a033b5698daf7eb6e5364904aea4cce364b08ed174973bab144399aa3fa31340

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
509
content-type
text/html
date
Mon, 18 Apr 2022 13:09:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
setuid
prebid-server.rubiconproject.com/ Frame 7C09 		0
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=44a95ac1-39b4-08a3-2be8-586bc7ff9d84
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 7C09
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2646674789086349524&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2646674789086349524&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2646674789086349524&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 18 Apr 2022 13:09:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 7C09
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yl1jCQAC5SniWQAZ
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yl1jCQAC5SniWQAZ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650287370.040633,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yl1jCQAC5SniWQAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
e9b0b34a-1087-a903-71b3-8e8bb9f39240
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7C09 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/e9b0b34a-1087-a903-71b3-8e8bb9f39240?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:1b13:1c6e:1524:1b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 7C09
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=4154b7b7-5914-45d2-8916-bc157614f00f&ttd_puid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=4154b7b7-5914-45d2-8916-bc157614f00f&ttd_puid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=4154b7b7-5914-45d2-8916-bc157614f00f&ttd_puid=7d77d50e-802b-3b4a-4064-987e46a45f09&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 7C09 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTExODA2YzQtNDk1Yy02NWVlLTU1ODQtYzJjNzhjNDY5MTY5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDONxbqtPWAenPOGTMQ7YjY&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDONxbqtPWAenPOGTMQ7YjY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDONxbqtPWAenPOGTMQ7YjY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.129.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-129-36.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 18 Apr 2022 13:09:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.129.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-129-36.compute-1.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
ibs:dpid=771&dpuuid=CAESECWHEnEjqI5_84BSVHfrLVQ&google_cver=1
dpm.demdex.net/ Frame 7203
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDI3NjU2MzE4NTgzOTkxNTc5NjA0MjkwODg4NzIzODQxOTUyMTg=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECWHEnEjqI5_84BSVHfrLVQ&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECWHEnEjqI5_84BSVHfrLVQ&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Server
35.161.29.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-29-14.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lapress.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v028-0a9c8e5c6.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kaE6g/uJR2U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECWHEnEjqI5_84BSVHfrLVQ&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=189517&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privac...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=...
  • https://prebid-server.rubiconproject.com/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=Yl1jClzpsnrLXV4fjtkjGwAA%26523
86 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=Yl1jClzpsnrLXV4fjtkjGwAA%26523
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H2
Server
23.21.165.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-165-102.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=ix&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=Yl1jClzpsnrLXV4fjtkjGwAA%26523
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
332
Expires
Mon, 18 Apr 2022 13:09:30 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.129.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-129-36.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 18 Apr 2022 13:09:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
view
securepubads.g.doubleclick.net/pcs/ Frame A7B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstc_5vG7UNUvI3vjf-2gl-Z0Thg-zDpZdJrCp-4IwGVz1iPKolIbiwmOO8_6QEoAmRnJRvjVbwN2CCyJrR36A96SMJXTZACTm-7mIO9d3W8vp4z_klsAuIhuChLzCX8enfGyBMMmzYH_oyUImjjNtTCcVPsbymnmVSnVZnRHulJERBURervvqZQv4gBATNknvhLn2Ro0uedCIYOWsZOoN4Yfn97rHp5EN0u_D3qR5qjbj3kdVU6Mf3oKZPZkBSAQYKy8-fpD5f0wP_hIDXUtYEl7dm7ymIEnBu9gXAFQk7m9yKODTYwYaeiHf-n4wmruPTk5g&sai=AMfl-YTCPBDsFdq8c14LvJAhYnioVynn7G3QeasaBV1S4LfMeh4L-LiDJeXdPeleiZ8gIx4_Zt2DQx-HrxTUlF3EWa49Qp28mTbTkH1E-bWu4u7ecZXIVDoHyAfRWL1c2DRG3hYwJZ5la1YTeeVK5IF-&sig=Cg0ArKJSzILcE3YvZhx5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
ads.rubiconproject.com/prebid/ Frame A7B3 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.136.222 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-136-222.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
620cf5797c896715d86ce6785903f4f9ded5179681d94dd6280ccfe00f8fac45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 21:33:00 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=5090
access-control-allow-credentials
true
accept-ranges
bytes
content-length
8870
expires
Mon, 18 Apr 2022 14:34:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7B3 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 13:09:30 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.129.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-129-36.compute-1.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.129.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-129-36.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 18 Apr 2022 13:09:30 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.129.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-129-36.compute-1.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame E52C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10505&pub_id=1955383
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28064
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:30 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
150347, 82433
X-Served-By
cache-lga21969-LGA, cache-yul12831-YUL
X-Timer
S1650287370.312873,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame A7B3 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&e=wqT_3QK-DfBVvgYAAAMA1gAFAQiJxvWSBhDS94XIjs6UskEYofDqq5ujztlFKjYJaidKqojT_z8R0llecDnq9j8ZAAAA4KNwHUAhLTdid8sf-T8p34lZL4ZyAUAxAAABG7j9PzD804UKOIlSQKQMSAJQtOqHqAFYv6WTAWAAaJLIrQF4ztEEgAEBigEDVVNEkgUG8FWYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTY2NzM5MSwgMTY1MDI4NzM2OSk7dWYoJ2knLCA3MDYwOTExLCAxNjYdACxnJywgMTc1OTc3OTNGOwAwcicsIDM1MjQ0OTg0NDYfAPCwkgKBBCFNMTBXWHdqRF80TVpFTFRxaDZnQkdBQWd2NldUQVRBQU9BQkFBRWlrREZEODA0VUtXQUJnaVFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFlaWFESWNiSWdCQXdRRkt3LW02aG5JQlFNa0JBQUFBQUFBQThEX1pBU3g5NklMNmx1MF80QUd2LTY0RDlRRkVtY0ZBbUFJQW9BSUJ0UUlBATMIdlFJAQfwVUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJ1Z01KVGxsTk1qbzFOVEl4NEFPT0xvQUU0UHFXQ0lnRXJQdVdDSkFFQUpnRUFjRUVBBVoBAQhESkIBBw0BGDJBUUE4UVENDihBQUFJZ0ZrU3VwQhETFFBBX3NRVQEaCQE4TUVGeEE2Mmh5Z3pHRURKLigAADAuKAAITmtGCTHIQUE4RF9nQmV5bkRmQUY0WXF5Q1BnRnZfVFpBb0lHQTBWVlVvZ0dCSkFHQVpnR0FLRUdBETkoRUNvQmdTeUJpUUoREwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIXFCUUlzZzoFAixMLWxrd0VnQUNnQU0R6YhBQkFPZ2xPV1UweU9qVTFNakZBamk1SkxIM29ndnFXN1Q5UgldAQEAQh15AEIdeQRCcAEeCQEEQngJCAEBEEI0QUlrNXjw9ThEOC7YAgDgApyoT-oCkgFodHRwczovL3d3dy5sYXByZXNzZS5jYS9hZmZhaXJlcy8yMDIyLTA0LTE0LzYwMC1taWxsaW9ucy1kZS1kb2xsYXJzLWVuLWNyeXB0b21vbm5haWVzL2xlLWZiaS1hY2N1c2UtZGVzLXBpcmF0ZXMtbGllcy1hLWxhLWNvcmVlLWR1LW5vcmQtZGUtdm9sLnBocPICEQoGQURWX0lEEgc1NjY3Mzkx8gISCgZDUEdfSUQSCDE3NTk3Nzkz8gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEQNAwKCEFEVl9DT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhQQCgVJT18BgQQ3MIUgAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyeQu4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0OS41Ni4xNTMuMTgxqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjE1NzIjTllNMjo1NTIx2gQCCAHgBAHwBLTqh6gBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFiB76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGkQXaBhYKEAAAAAAAAAABFgUBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkAgADAAOLQEQADIB87RBNIHDRV1ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=ccb19aaecdf722a3a15ce13f25f43e3a67c42ece&bdref=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php,https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&
Requested by
Host: www.lapresse.ca
URL: https://www.lapresse.ca/affaires/2022-04-14/600-millions-de-dollars-en-cryptomonnaies/le-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.122 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:30 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
338feb93-c696-4514-8165-1ee3ea648414
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
7f7313e2-ad08-4037-8b9d-389fc42bb7fc.jpg
crcdn01.adnxs-simple.com/creative/p/1572/2022/4/7/33378513/ Frame A7B3 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/1572/2022/4/7/33378513/7f7313e2-ad08-4037-8b9d-389fc42bb7fc.jpg
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
cb34dc463bf068906b3f2231a2dcf97f45c9eb45c2d675b0c8358af1afaad138

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:30 GMT
Via
1.1 varnish, 1.1 varnish
Age
948476
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
100947
X-Served-By
cache-lga21927-LGA, cache-yul12833-YUL
Last-Modified
Thu, 07 Apr 2022 13:41:19 GMT
Server
nginx/1.21.3
Cache-Control
max-age=3888000
X-Timer
S1650287370.313646,VS0,VE0
ETag
"1757b89949b5ead61a106692a597aa10"
x-amz-request-id
17d0ae3e-5c48-4553-a081-e288334f3064
Access-Control-Allow-Origin
*
Expires
Sun, 22 May 2022 13:41:34 GMT
X-Clv-Request-Id
17d0ae3e-5c48-4553-a081-e288334f3064
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Clv-S3-Version
2.5
X-Cache-Hits
1, 36
trk.js
cdn.adnxs.com/v/s/224/ Frame A7B3 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:30 GMT
Content-Encoding
gzip
Age
4594261
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12826-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1650287370.314900,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 1890320
it
nym1-ib.adnxs.com/ Frame A7B3 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.lapresse.ca%252Faffaires%252F2022-04-14%252F600-millions-de-dollars-en-cryptomonnaies%252Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&e=wqT_3QK3C_BVtwUAAAMA1gAFAQiJxvWSBhDS94XIjs6UskEYofDqq5ujztlFKjYJaidKqojT_z8R0llecDnq9j8ZAAAA4KNwHUAhLTdid8sf-T8p34lZL4ZyAUAxAAABG7j9PzD804UKOIlSQKQMSAJQtOqHqAFYv6WTAWAAaJLIrQF4ztEEgAEBigEDVVNEkgUG8FWYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTY2NzM5MSwgMTY1MDI4NzM2OSk7dWYoJ2knLCA3MDYwOTExLCAxNjYdACxnJywgMTc1OTc3OTNGOwAwcicsIDM1MjQ0OTg0NDYfAPCwkgKBBCFNMTBXWHdqRF80TVpFTFRxaDZnQkdBQWd2NldUQVRBQU9BQkFBRWlrREZEODA0VUtXQUJnaVFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFlaWFESWNiSWdCQXdRRkt3LW02aG5JQlFNa0JBQUFBQUFBQThEX1pBU3g5NklMNmx1MF80QUd2LTY0RDlRRkVtY0ZBbUFJQW9BSUJ0UUlBATMIdlFJAQfwVUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJ1Z01KVGxsTk1qbzFOVEl4NEFPT0xvQUU0UHFXQ0lnRXJQdVdDSkFFQUpnRUFjRUVBBVoBAQhESkIBBw0BGDJBUUE4UVENDihBQUFJZ0ZrU3VwQhETFFBBX3NRVQEaCQE4TUVGeEE2Mmh5Z3pHRURKLigAADAuKAAITmtGCTHIQUE4RF9nQmV5bkRmQUY0WXF5Q1BnRnZfVFpBb0lHQTBWVlVvZ0dCSkFHQVpnR0FLRUdBETkoRUNvQmdTeUJpUUoREwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIXFCUUlzZzoFAixMLWxrd0VnQUNnQU0R6YhBQkFPZ2xPV1UweU9qVTFNakZBamk1SkxIM29ndnFXN1Q5UgldAQEAQh15AEIdeQRCcAEeCQEEQngJCAEBEEI0QUlrNXj0KgE4RDgu2AIA4AKcqE_qApIBaHR0cHM6Ly93d3cubGFwcmVzc2UuY2EvYWZmYWlyZXMvMjAyMi0wNC0xNC82MDAtbWlsbGlvbnMtZGUtZG9sbGFycy1lbi1jcnlwdG9tb25uYWllcy9sZS1mYmktYWNjdXNlLWRlcy1waXJhdGVzLWxpZXMtYS1sYS1jb3JlZS1kdS1ub3JkLWRlLXZvbC5waHCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APJ5C7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMTU3MiNOWU0yOjU1MjHaBAIIAeAEAfAEtIGJIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBYge-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AGkQXaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLQEQADIB87RBNIHDRV1ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=2c2b5593425545ac158d0a4c450417536d8e5d67
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.122 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:30 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4b4e3fbe-777c-4cde-8e7b-5c308444afd5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E52C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10505&pub_id=1955383&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10505&pub_id=1955383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:30 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
112d5af5-b79a-4d7a-a11c-6f247f969bfd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame A7B3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c0389121d81022c7f89d63f0926885b1367856d5fe49d64e375871f5f495caa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame A7B3 		0
839 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&e=wqT_3QK3C_BVtwUAAAMA1gAFAQiJxvWSBhDS94XIjs6UskEYofDqq5ujztlFKjYJaidKqojT_z8R0llecDnq9j8ZAAAA4KNwHUAhLTdid8sf-T8p34lZL4ZyAUAxAAABG7j9PzD804UKOIlSQKQMSAJQtOqHqAFYv6WTAWAAaJLIrQF4ztEEgAEBigEDVVNEkgUG8FWYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTY2NzM5MSwgMTY1MDI4NzM2OSk7dWYoJ2knLCA3MDYwOTExLCAxNjYdACxnJywgMTc1OTc3OTNGOwAwcicsIDM1MjQ0OTg0NDYfAPCwkgKBBCFNMTBXWHdqRF80TVpFTFRxaDZnQkdBQWd2NldUQVRBQU9BQkFBRWlrREZEODA0VUtXQUJnaVFKb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFlaWFESWNiSWdCQXdRRkt3LW02aG5JQlFNa0JBQUFBQUFBQThEX1pBU3g5NklMNmx1MF80QUd2LTY0RDlRRkVtY0ZBbUFJQW9BSUJ0UUlBATMIdlFJAQfwVUF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJ1Z01KVGxsTk1qbzFOVEl4NEFPT0xvQUU0UHFXQ0lnRXJQdVdDSkFFQUpnRUFjRUVBBVoBAQhESkIBBw0BGDJBUUE4UVENDihBQUFJZ0ZrU3VwQhETFFBBX3NRVQEaCQE4TUVGeEE2Mmh5Z3pHRURKLigAADAuKAAITmtGCTHIQUE4RF9nQmV5bkRmQUY0WXF5Q1BnRnZfVFpBb0lHQTBWVlVvZ0dCSkFHQVpnR0FLRUdBETkoRUNvQmdTeUJpUUoREwxBQUFSAQUNAQBaDQgBAQBoAQUJAUBDNEJnby6aApkBIXFCUUlzZzoFAixMLWxrd0VnQUNnQU0R6YhBQkFPZ2xPV1UweU9qVTFNakZBamk1SkxIM29ndnFXN1Q5UgldAQEAQh15AEIdeQRCcAEeCQEEQngJCAEBEEI0QUlrNXj0KgE4RDgu2AIA4AKcqE_qApIBaHR0cHM6Ly93d3cubGFwcmVzc2UuY2EvYWZmYWlyZXMvMjAyMi0wNC0xNC82MDAtbWlsbGlvbnMtZGUtZG9sbGFycy1lbi1jcnlwdG9tb25uYWllcy9sZS1mYmktYWNjdXNlLWRlcy1waXJhdGVzLWxpZXMtYS1sYS1jb3JlZS1kdS1ub3JkLWRlLXZvbC5waHCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APJ5C7gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMTU3MiNOWU0yOjU1MjHaBAIIAeAEAfAEtIGJIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBYge-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AGkQXaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLQEQADIB87RBNIHDRV1ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=2c2b5593425545ac158d0a4c450417536d8e5d67&type=nv&nvt=5&jm=1003&px=1110&py=1162&bw=300&bh=600&sid=5621392541547494875&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21064188&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=6988&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.122 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:30 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9e3afab5-631e-4cd6-bba4-11fb66b5d2a7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.lapresse.ca
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A7B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3E_WxKJtNDkMPcRFb6SifSlaJMykTwvzp5ppefIcwbiN7l4NZb_677oilfH3sspEDEJCwPSy1NOdv6DsqhwwcdFcdufFcIwN5imKzHdbOddIfyE64X3q2k30DW0WYdnIAkrvGrhRlKsMrBAdwKDW7N43JB-c8_7FGVjK3VzfkhQasPhghejAwO_hdvulp6QXmVtUADZtSuB9NBuuw6ijL5xa5XET6BQCziLY5Xeh2pONEbFFpJf-eTPHwWezWXXDGFJjAQD4MjwZphFl5FHst--dnbBqI_RT3HELIzNp7EyhqCmvgOME9QE02cGUXpRp1r2UT&sai=AMfl-YRl5eg6UZq-e5rW0PvwDZaaq5-_fVnA_B-JLMTui1Cn1AACADUC7ffLay13E-5roxiIl59PXHnFuqDIldsA_3V-YriRi1j_uVaWbF0BHEXteoWccUOHgGWSDVzPCM_P4rUGSkV6zYM8vI5Vgcbk&sig=Cg0ArKJSzCQVlGEKSZ4wEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Apr 2022 13:09:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0c69e31e3c1db7a798c72891453768d8e214c38886aa9932211650026a19799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10679
x-xss-protection
0
get_loaders
lapresse-ca.lapresse.ca/mms/ 		2 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lapresse-ca.lapresse.ca/mms/get_loaders?href=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&account_id=1057&requestUUID=b0609cce-b1f2-4c1e-b4a2-8d77012e1357-1650287369085
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/common/scripts/m-lapresse.lapresse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.175.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-175-169.compute-1.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
x-sp-mms-node
ip-10-128-16-52
server
Jetty(9.4.2.v20170220)
strict-transport-security
max-age=15552000; includeSubdomains
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.lapresse.ca
cache-control
max-age=10800
access-control-allow-credentials
true
bcn
www.summerhamster.com/ 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.summerhamster.com/bcn?fe=1650287370510&y=2.0.1197&elg=144757314&flg=1057&x=zzz.odsuhvvh.fd%2Fdiidluhv%2F2022-04-14%2F600-ploolrqv-gh-grooduv-hq-fubswrprqqdlhv%2Foh-iel-dffxvh-ghv-sludwhv-olhv-d-od-fruhh-gx-qrug-gh-yro.sks&vqwo=1&deo=0&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0&requestUUID=b0609cce-b1f2-4c1e-b4a2-8d77012e1357-1650287369085
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.101.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-101-70.compute-1.amazonaws.com
Software
Jetty(9.2.10.v20150310) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 13:09:30 GMT
server
Jetty(9.2.10.v20150310)
content-length
43
access-control-allow-methods
*
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 13:09:30 GMT
aatInl4TXp4KXIofCl4cn0oUitQRDl0dnYkKiMpcnx3UERDSEo5dHUlUHl0ISh4OSd4eXgnJ3gnUDkoeCgofCQjcid4eXgnJ3gnUDkoeCgofCQjciJ4KCh0enhydiQqIylQQzl9K1BFQUNBRERMSjl2d3ZQLHwjdyQsQXIoJXJBIih6QXJ8Iyl4JyN0IUF2d3ZEOX...
lapresse-ca.lapresse.ca/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lapresse-ca.lapresse.ca/aatInl4TXp4KXIofCl4cn0oUitQRDl0dnYkKiMpcnx3UERDSEo5dHUlUHl0ISh4OSd4eXgnJ3gnUDkoeCgofCQjcid4eXgnJ3gnUDkoeCgofCQjciJ4KCh0enhydiQqIylQQzl9K1BFQUNBRERMSjl2d3ZQLHwjdyQsQXIoJXJBIih6QXJ8Iyl4JyN0IUF2d3ZEOXsneHlQeykpJSg4RlQ4RVk4RVksLCxBIXQlJ3goKHhBdnQ4RVl0eXl0fCd4KDhFWUVDRUVAQ0dAREc4RVlJQ0NAInwhIXwkIyhAd3hAdyQhIXQnKEB4I0B2Jy4lKSQiJCMjdHx4KDhFWSF4QHl1fEB0dnYqKHhAd3goQCV8J3QpeChAIXx4KEB0QCF0QHYkJ3h4QHcqQCMkJ3dAd3hAKyQhQSV7JTl2JCMoeCMpaGhcV1AqI3d4eXwjeHc5J3gmKngoKWhoXFdQdUNJQ0x2dnhAdUR5RUBHdkR4QHVHdEVAS3dKSkNERXhERkhKQERJSENFS0pGSUxDS0g5diQkfnx4UDhIVThFRXIoJXIoeChBRUtJRjhGVz04RlU4RUU4RVY4RUVyKCVyfHdBRUtJRjhGV0tJeXh1SERDQEdESnhAR0h0eUB1dUx1QEZDeEZ2d3dFeEZMeUFESUhDRUtKRklMQURBRElIQ0VLSkZKQ0FESUhDRUtKRklMQUdKR0h0dEdIQHd2S0NAR0NFREB1TEpGQHR2RHZ4dUp4eExJSzhGVThFRThIVzkpOEhVJXR6eGcuJXg4SFdQdCcpfHYheDkpOEhVJXR6eGl8eCw4SFdQd3gofikkJQ==
Requested by
Host: static.lpcdn.ca
URL: https://static.lpcdn.ca/lpweb/common/scripts/m-lapresse.lapresse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.175.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-175-169.compute-1.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
50a55568d635423220243afd58ab9ce70b3e5143b004e0bd8a85411d9abf5e06
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:30 GMT
x-sp-mms-node
ip-10-128-17-239
server
Jetty(9.4.2.v20170220)
strict-transport-security
max-age=15552000; includeSubdomains
access-control-allow-methods
GET
content-type
application/javascript
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
expires
Sat, 15 Nov 2008 16:00:00 GMT
tp2
ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.211.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-211-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.lapresse.ca
access-control-max-age
5
content-length
0
date
Mon, 18 Apr 2022 13:09:30 GMT
server
nginx
tp2
ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d39kx4ztdxg7cf.cloudfront.net
URL: https://d39kx4ztdxg7cf.cloudfront.net/anAToiMg0Lcc86KIzJLMi45LjA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.211.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-211-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.lapresse.ca
date
Mon, 18 Apr 2022 13:09:30 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
d3q7vxy7usqoub.cloudfront.net/ 		26 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3q7vxy7usqoub.cloudfront.net/?s_id=4680&a_id=1057&m_id=12345&r=336.2816800526576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:ac00:12:1ab1:10c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 15:37:19 GMT
via
1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2019 18:39:37 GMT
server
AmazonS3
age
1459932
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
no-cache,no-store
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
content-length
26
x-amz-cf-id
p1OtVg6dNgmj7Asv8Bdr_YHTtftlJsNxXEVuSpV3OaYaLgjpzIVXDg==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=766059987&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&ul=en-us&de=UTF-8&dt=600%C2%A0millions%20de%20dollars%20en%20cryptomonnaies%20%7C%20Le%20FBI%20accuse%20des%20pirates%20li%C3%A9s%20%C3%A0%20la%20Cor%C3%A9e%20du%20Nord%20de%20vol%20%7C%20La%20Presse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlock&ea=messageDisplayed&el=https%3A%2F%2Fwww.lapresse.ca%2Faffaires%2F2022-04-14%2F600-millions-de-dollars-en-cryptomonnaies%2Fle-fbi-accuse-des-pirates-lies-a-la-coree-du-nord-de-vol.php&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1565221256.1650287370&tid=UA-2513326-39&_gid=421913844.1650287370&gtm=2wg4d0MP8JVMP&cd2=article&cd4=desktop&z=860162190
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 04:39:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30587
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E1E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
43144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 01:10:26 GMT
expires
Tue, 18 Apr 2023 01:10:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB99 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7529f8da6319de8782b0d5d58d7d68dbdedb1a38104fa47a96bbdd76a06c759b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WHWz4Oe/+15gEmwL6qWzHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-WHWz4Oe/+15gEmwL6qWzHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 13:09:30 GMT
expires
Mon, 18 Apr 2022 13:09:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
pagead2.googlesyndication.com/bg/ Frame 2E1E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
302904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13627
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 01:01:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BB99 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=3083784062253390&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2E1E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7la84w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=3083784062253390&bg=!nJ-ln9vNAAZvJBiFTyQ7ACkAdvg8WtWdjQGulmbXnmljhOf0QJ0kDjX1VLLDtaI0umuP3Rb6SBgPrAIAAABNUgAAAAFoAQeZArVM3zdZMTwY-QdZhgY1L80bq066qhuhfKdNyB1KGPgXt2R-VRSii57k3-EirJYufEWaPZSjGZK4NxHF2l6xlS1h-BXFVzHwkAvHDQR4ode9c_8N6UP0tsi4mIpwCrhwRco-SfG9b-2wwdlmN7LOdQnOzZn-isTlBx8aYeFH8L7141-74pQvO8WYNHvB_VLOFK41ojCBf2GFWRxaM_HNgqJlDRT98C6zuQ1nZm3itjaji36aLFEBg7QZDDsBij4H-25hVk2JSrXjx02cL0G2IBkDh3gUCNIOuvK_R7ESc8B-3ntD0I8vxp9-aXofd_yQKCN_I4eFyM0DZEiwwONw4WAg-D7FkHSELrtbPbQmxnFxNXmYgu8E0VTemtVtyHMAP2odqNbmr_2-oKqY9l5wjekWhtlqXmJGLdJDx-KxIK1nci5joFlm1foWiGPXgSkkmZeQWYpDHiNhlBvRa7SKVxE3F4hTu1PEK5jq9czhUL-6HHpS11a8sxMez6ZWicSk9CmoC-OTOm5m8R9wHRqZdXeHMXnnkgfok6GfhRtkouGTbrA9ubVzqGEGhCHmD4ykI59m5rPFRre4LEoKSVGsxoF98Ih95qigGCz0JlaEDjX2XSL85b5f2H_19bayvy6K5GRa6gxlFlCHkc0OW6rddYFySQqlptgnOFtwrXDlKz8hw3Zl32EZdDHosJQIZJKPZLH87xqMLqVKMGnuug2we62Xmsp2ipXWoIxRzWUc7MOoe5CD-OSXwokAVV-_1WaETGoqXv0xWPlE_r9JloHcEZCcaW4vgvjps-jyRgfZ-PHiGantyy4p2_--Ieg6Rbub_M3y_T1oBSRJaneD11qsEFI1yWWZHOzLt17goqnemlHWgmIrh9gmcR_mEpVjbGBUtikQjERPZIA2D1z3LhHE7g470Re-wiM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.lapresse.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame E52C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10505&pub_id=1955383&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10505&pub_id=1955383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:31 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a5447b17-beec-4a28-a71c-16124e5e9df1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp2
ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.211.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-211-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.lapresse.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.lapresse.ca
access-control-max-age
5
content-length
0
date
Mon, 18 Apr 2022 13:09:34 GMT
server
nginx
tp2
ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca-lapresse-main.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d39kx4ztdxg7cf.cloudfront.net
URL: https://d39kx4ztdxg7cf.cloudfront.net/anAToiMg0Lcc86KIzJLMi45LjA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.211.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-211-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.lapresse.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.lapresse.ca
date
Mon, 18 Apr 2022 13:09:34 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
sync
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
409e946ee56a35e907820c2949f90861af0e501b365e5291e74b62cd599c6aa4

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 13:09:34 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Apr 2022 13:09:34 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
index.html
cdn.districtm.io/ids/ Frame F453 		116 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
46646
cf-cache-status
DYNAMIC
cf-ray
6fdda2bbfc488cd4-EWR
content-encoding
br
content-type
text/html
date
Mon, 18 Apr 2022 13:09:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
x-amz-cf-id
kJZSYE_oXkjDzmhUJOby02yt0qwvl5CujGP_-OATl6ufVfEtKWfHTw==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame E3C5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B1B1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D44 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28069
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
150347, 82462
X-Served-By
cache-lga21969-LGA, cache-yul12831-YUL
X-Timer
S1650287375.710137,VS0,VE0
pd
us-u.openx.net/w/1.0/ Frame 7D51 		779 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
1b5cee0109353d37e842aa6efdd169416ca2b5217b75a1d77fa6b8f530c76147

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
473
content-type
text/html
date
Mon, 18 Apr 2022 13:09:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame D219 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame CBF3 		116 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
46646
cf-cache-status
DYNAMIC
cf-ray
6fdda2bbfc688cd4-EWR
content-encoding
br
content-type
text/html
date
Mon, 18 Apr 2022 13:09:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-id
K6fvkGfMSujlkMvP-MGF9hqClM0WMAfGazAx_-QqrINvPVJCnMa-dQ==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame C249
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
409e946ee56a35e907820c2949f90861af0e501b365e5291e74b62cd599c6aa4

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 13:09:34 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Apr 2022 13:09:34 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 59CA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28069
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
150347, 82463
X-Served-By
cache-lga21969-LGA, cache-yul12831-YUL
X-Timer
S1650287375.723897,VS0,VE0
pd
us-u.openx.net/w/1.0/ Frame 2A74 		779 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
1b5cee0109353d37e842aa6efdd169416ca2b5217b75a1d77fa6b8f530c76147

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
473
content-type
text/html
date
Mon, 18 Apr 2022 13:09:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
index.html
cdn.districtm.io/ids/ Frame 4B47 		116 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
46646
cf-cache-status
DYNAMIC
cf-ray
6fdda2bbfc798cd4-EWR
content-encoding
br
content-type
text/html
date
Mon, 18 Apr 2022 13:09:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
x-amz-cf-id
LcEGA9PP4PQmL7OsPqRO833FpN4srq2zENmrQhItxREuv0U6kHZMkQ==
x-amz-cf-pop
EWR53-P1
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 5EB4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
409e946ee56a35e907820c2949f90861af0e501b365e5291e74b62cd599c6aa4

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 13:09:34 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 18 Apr 2022 13:09:34 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 67C5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28069
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:34 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
150347, 82655
X-Served-By
cache-lga21969-LGA, cache-yul12825-YUL
X-Timer
S1650287375.735183,VS0,VE0
pd
us-u.openx.net/w/1.0/ Frame 58F6 		779 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/23098.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
1b5cee0109353d37e842aa6efdd169416ca2b5217b75a1d77fa6b8f530c76147

Request headers

Referer
https://www.lapresse.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
473
content-type
text/html
date
Mon, 18 Apr 2022 13:09:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 6D44 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e61b1ece-3781-40da-a4ed-d3b82f84ace5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7D51
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 7D51
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
107.178.246.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 7D51
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
0
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
date
Mon, 18 Apr 2022 13:09:35 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
px
p.adsymptotic.com/d/ Frame 7D51
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokMjhiMWFhNjgtNGQ2Yy0wZDJhLTFmMWQtMTg4ZDdmM2YzZWQxEAAaDQiOxvWSBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d0457155ad0180a8bc8f320be32de4ea5dc9df6d1f8ea7edb06e1405cbd527e2791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkMDQ1NzE1NWFkMDE4MGE4YmM4ZjMyMGJlMzJkZTRlYTVkYzlkZjZkMWY4ZWE3ZWRiMDZlMTQwNWNiZDUyN2UyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkMDQ1NzE1NWFkMDE4MGE4YmM4ZjMyMGJlMzJkZTRlYTVkYzlkZjZkMWY4ZWE3ZWRiMDZlMTQwNWNiZDUyN2UyNzkxNDI2YjU0MTdkY2UyMRAAGgwIj8b1kgYSBAgCEABCAEoA&goog...
  • https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fdda2bef938541f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://p.adsymptotic.com/d/px?_pid=13553&_psign=9e62e5c043ecadc9479a0ccac401dd7d
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 7D51
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
35792212-477b-4efd-8c50-b034c2a82144
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7D51
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
59FRAKMTE9N31GE9DQ9M
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DCM82CTWES4VMN81YE01
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2A74
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 2A74
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
107.178.246.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 2A74
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
date
Mon, 18 Apr 2022 13:09:35 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 2A74
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIj8b1kgYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIj8b1kgYSBAgCEABCAEoA&google_gid=CAESEAFOSMidOb8uIr39GIZPka0&google_cver=1
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=01aa0e95-0f03-4c05-a92c-5ee2454fcce4
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=01aa0e95-0f03-4c05-a92c-5ee2454fcce4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=01aa0e95-0f03-4c05-a92c-5ee2454fcce4
date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 2A74
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3150393d-d4fc-46d2-9e0f-650f59163ab3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2A74
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
52TNTVGA1VDJRP6A4V1H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3B7J8B0F7M9MV7NZYSZY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame F453 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
89340
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6fdda2bc8dd68cd4-EWR
x-amz-cf-id
BpyDbToyYei3igJS0-btMIwCNyxpUBqSub_ItWYhLo4ODW1F01WY8w==
expires
Wed, 20 Apr 2022 13:09:34 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame CBF3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
89340
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6fdda2bc9e098cd4-EWR
x-amz-cf-id
BpyDbToyYei3igJS0-btMIwCNyxpUBqSub_ItWYhLo4ODW1F01WY8w==
expires
Wed, 20 Apr 2022 13:09:34 GMT
async_usersync
ib.adnxs.com/ Frame 59CA 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
30a8068e-dc48-4d4a-aa3d-73c56338bd24
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 58F6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=159fb2c9-1f8b-4170-a4a6-f5154905ddf4-625d6309-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 58F6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
107.178.246.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=7b09a6f2-db2c-06cd-0a85-00a875289e05
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 58F6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=53b35687-5841-0103-1343-5974d107ab60&apid=UPcb240b6b-bf18-11ec-a5f1-0e33bdb729c7
date
Mon, 18 Apr 2022 13:09:35 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 58F6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
42 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H2
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 18 Apr 2022 13:09:34 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=28b1aa68-4d6c-0d2a-1f1d-188d7f3f3ed1
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 58F6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a948a54f-1f3f-438c-9066-9a112faf8cd3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3748492465806001067
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 58F6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ed201a19-918c-4871-9994-a67035f2f68f&gdpr=0
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5SE78CQ5XX3ZV90C71RW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R7231PR1J3V2F339Q11V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=25a1a973-9c81-80b0-806a-1ae92e9794e9&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 4B47 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
89340
cf-polished
origSize=3302
x-cache
Miss from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
EWR52-C4
cf-ray
6fdda2bcce708cd4-EWR
x-amz-cf-id
BpyDbToyYei3igJS0-btMIwCNyxpUBqSub_ItWYhLo4ODW1F01WY8w==
expires
Wed, 20 Apr 2022 13:09:34 GMT
usync.js
eus.rubiconproject.com/ Frame B1B1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
40d5c6d31376c8c952e2ca6d4c78aa717bff53ee6338a47c9851ba8e9edbbf20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59461
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Tue, 19 Apr 2022 05:40:35 GMT
async_usersync
ib.adnxs.com/ Frame 67C5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.91 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b5e14f25-92ba-4178-859a-f19530a54211
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 34AE
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 34AE
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2897a23-717e-43bc-a7e2-b0efb76e42e7&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2897a23-717e-43bc-a7e2-b0efb76e42e7&_noobservation=1&_expected_cookie=2f607f3...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2897a23-717e-43bc-a7e2-b0efb76e42e7&_noobservation=1&_expected_cookie=2f607f3d797c888e244fd7edc88bda16
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fdda2bee915541f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d2897a23-717e-43bc-a7e2-b0efb76e42e7&_noobservation=1&_expected_cookie=2f607f3d797c888e244fd7edc88bda16
date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fdda2be98a6541f-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2685592278777422609610?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Apr 2022 13:09:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2685592278777422609610&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=triplelift
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=997336230561145700&expires=30&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 18 Apr 2022 13:09:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 34AE 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2685592278777422609610&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 77CA8F692E27403797CB442BD25D8D1D Ref B: YTO01EDGE0817 Ref C: 2022-04-18T13:09:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 34AE
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2685592278777422609610
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H1RERB2GHTH92NTQFDAK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 34AE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=pqn8zASR_eipnWhXuLiW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OBYW4OD2IFJVE...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pqn8zASR_eipnWhXuLiW
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pqn8zASR_eipnWhXuLiW
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=pqn8zASR_eipnWhXuLiW
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A908
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame A908
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=3b6236a...
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=3b6236acae245209c2f590959d865443
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fdda2bf0953541f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=3b6236acae245209c2f590959d865443
date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fdda2bec8e1541f-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2685592278777422609610?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Apr 2022 13:09:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2685592278777422609610&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=4c1b0aa3-c39b-4823-9de4-926d60d18377&expires=10&ssp=triplelift&bsw_param=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
  • https://eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=a426ad5d-99ef-431f-bab3-2e21aa2b83e1&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 18 Apr 2022 13:09:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame A908 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2685592278777422609610&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A84AD1DF6E2A40B198ED8FF4F83DA633 Ref B: YTO01EDGE0817 Ref C: 2022-04-18T13:09:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame A908
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2685592278777422609610
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q2K2CQ603FTDKKZX74ET
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A908
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=mZTP5MVia9LPGMI1r0YR&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVNFIUBVJVLGS...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mZTP5MVia9LPGMI1r0YR
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mZTP5MVia9LPGMI1r0YR
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mZTP5MVia9LPGMI1r0YR
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame C249
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=4154b7b7-5914-45d2-8916-bc157614f00f&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame C249
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C249
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEDehV_iM_N64834MISfKhw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C249
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY4NTU5MjI3ODc3NzQyMjYwOTYxMA%3D%3D
date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame C249
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2685592278777422609610&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=8b9af35...
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=8b9af35f229f794b5ea92805b4ec2792
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.100.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fdda2bee914541f-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=6d43af0e-14bf-4570-ac65-cad0bfa24d4b&_noobservation=1&_expected_cookie=8b9af35f229f794b5ea92805b4ec2792
date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fdda2be98b0541f-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame C249
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2685592278777422609610?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Apr 2022 13:09:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-F1elLzZE2oT28J.M6.gbXOPisA8F2A5SoTj8q2CuPw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
rtb.mfadsrvr.com/ Frame C249
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2685592278777422609610&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
0
0
c.gif
c.bing.com/ Frame C249 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2685592278777422609610&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:34 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB4E8324AE3942D09E6C5BA1E8336142 Ref B: YTO01EDGE0817 Ref C: 2022-04-18T13:09:34Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame C249
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2685592278777422609610
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:34 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GHH098N67E46QTPBG25W
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=2685592278777422609610&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C249
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=6hy2N1SQNAcsbMAKyiVQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5GZUHSMSOGFJVC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=6hy2N1SQNAcsbMAKyiVQ
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=6hy2N1SQNAcsbMAKyiVQ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=6hy2N1SQNAcsbMAKyiVQ
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5BBD 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5e4d1c7264d47c8b9a43e08ceb32a5ce8ded0fcef5896c0dbc390f45ce56271

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1815
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:35 GMT
Dropped-Udsids
230|45|241|39|111|51|195|131
Expires
Mon, 18 Apr 2022 13:09:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame 3C82 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f75e2c8fe37a7b61acd14a96df8da75256a8dc05321022812259d2f0d0fd65b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1628
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:35 GMT
Dropped-Udsids
241|39|230|45|46|8|47|81
Expires
Mon, 18 Apr 2022 13:09:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
usermatch
ssum-sec.casalemedia.com/ Frame C250 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3cdb1c0a483c56e6d1a7e0793f8ddae5e9d3fa318feba5e3874a1b1efbe0bac7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1551
Content-Type
text/html
Date
Mon, 18 Apr 2022 13:09:35 GMT
Dropped-Udsids
39|241|45|230|253|57|238|190
Expires
Mon, 18 Apr 2022 13:09:35 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
tap.php
pixel.rubiconproject.com/ Frame B1B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Xqa2pw-M7Cq2CdKpSjlnSsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4984712678805751870
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4984712678805751870
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

date
Mon, 18 Apr 2022 13:09:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4984712678805751870
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame B1B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L24QHNRS-10-CGPD
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L24QHNRS-10-CGPD
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:34 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 30CDBC21C7574B2AA9E9F76B17EAE065 Ref B: YTO01EDGE0808 Ref C: 2022-04-18T13:09:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXc7XjF7Rh+nDncB1gB1g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L24QHNRS-10-CGPD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B1B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEII_sKUET7Nj3GyAsBk5BnY&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEII_sKUET7Nj3GyAsBk5BnY&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEII_sKUET7Nj3GyAsBk5BnY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRlNjRlMGRiZDQ4YzZhOTI3NzBkNWJjZDM4YWM4OWEwMzgxYmNhZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRlNjRlMGRiZDQ4YzZhOTI3NzBkNWJjZDM4YWM4OWEwMzgxYmNhZg
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRlNjRlMGRiZDQ4YzZhOTI3NzBkNWJjZDM4YWM4OWEwMzgxYmNhZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B1B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4154b7b7-5914-45d2-8916-bc157614f00f&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4154b7b7-5914-45d2-8916-bc157614f00f&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4154b7b7-5914-45d2-8916-bc157614f00f&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
709414.gif
id.rlcdn.com/ Frame B1B1 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame B1B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0UUhOUlMtMTAtQ0dQRA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0UUhOUlMtMTAtQ0dQRA==
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0UUhOUlMtMTAtQ0dQRA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame B1B1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L24QHNRS-10-CGPD&sigv=1&esig=2~a89c6ccaf1dccdcff07d78eb0c98dd0a541ac2e0
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L24QHNRS-10-CGPD&sigv=1&esig=2~a89c6ccaf1dccdcff07d78eb0c98dd0a541ac2e0
Protocol
H2
Server
2001:4998:14:800::1000 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 13:09:35 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L24QHNRS-10-CGPD&sigv=1&esig=2~a89c6ccaf1dccdcff07d78eb0c98dd0a541ac2e0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 3C82 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3171M3J7103NWX311TKB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1jClzpsnrLXV4fjtkjGwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3748492465806001067
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3748492465806001067
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 580.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
258fb921-6962-42e6-bbc0-1e5e7a7db148
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3748492465806001067
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6cdeb50a-ab9c-4e46-9012-b8c5f42865d3&expiration=1681823375
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6cdeb50a-ab9c-4e46-9012-b8c5f42865d3&expiration=1681823375
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=6cdeb50a-ab9c-4e46-9012-b8c5f42865d3&expiration=1681823375
date
Mon, 18 Apr 2022 13:09:35 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YHNnTtGc1NGr8j5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YHNnTtGc1NGr8j5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-08e39a0144197b4f7@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YHNnTtGc1NGr8j5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3C82
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3ib-hN4n-4bFJv3T2SDmg9wi-9TFI6qBiSc8W0WW
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3ib-hN4n-4bFJv3T2SDmg9wi-9TFI6qBiSc8W0WW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3ib-hN4n-4bFJv3T2SDmg9wi-9TFI6qBiSc8W0WW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3C82 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yl1jClzpsnrLXV4fjtkjGwAA%26523
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:35 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2792
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:56:07 GMT
rum
dsum-sec.casalemedia.com/ Frame C250
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame C250 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5ND8KZKG8J2DMXHG5V3P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C250
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1jClzpsnrLXV4fjtkjGwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C250
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ium
dsum-sec.casalemedia.com/ Frame C250
Redirect Chain
  • https://id.rlcdn.com/711587.gif
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Server
Apache
Connection
keep-alive
Content-Length
0
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C250
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=997336230561145700
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=997336230561145700
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=997336230561145700
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
362358.gif
idsync.rlcdn.com/ Frame C250
Redirect Chain
  • https://idsync.rlcdn.com/461886.gif?partner_uid=Yl1jClzpsnrLXV4fjtkjGwAA%26523&&gdpr_consent=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOxVwB91PUyrfB2kvvpjXlw&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOxVwB91PUyrfB2kvvpjXlw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 13:09:35 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOxVwB91PUyrfB2kvvpjXlw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame C250
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3748492465806001067
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3748492465806001067
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
X-Proxy-Origin
149.56.153.181; 149.56.153.181; 576.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
52a1c834-5187-4340-9bdb-40ef8e3c9104
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3748492465806001067
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C250 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yl1jClzpsnrLXV4fjtkjGwAA%26523
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:35 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2792
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:56:07 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPKNJwMkdSkfWXJEF1B4gjo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yl1jClzpsnrLXV4fjtkjGwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGEC0_bKaxBWA6bOAMlii_g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5BBD 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yl1jClzpsnrLXV4fjtkjGwAAAgsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RJP5GDP5RB0HDFBJPZ1J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=4154b7b7-5914-45d2-8916-bc157614f00f&expiration=1652879375&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7925317822789085942&expiration=1651496975
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7925317822789085942&expiration=1651496975
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7925317822789085942&expiration=1651496975
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=0aadc2c8-da25-406b-8a82-cd616934cc3f&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1
Date
Mon, 18 Apr 2022 13:09:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d0e90bee-3f6f-487b-b86f-b93216c09768
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d0e90bee-3f6f-487b-b86f-b93216c09768
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d0e90bee-3f6f-487b-b86f-b93216c09768
date
Mon, 18 Apr 2022 13:09:35 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 5BBD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287088814094
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287088814094
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 13:09:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:09:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 13:09:35 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
114
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fdda2bef8f0714a-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662287088814094
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5BBD 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yl1jClzpsnrLXV4fjtkjGwAA%26523
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.lapresse.ca%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.129.7 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-129-7.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 13:09:35 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2792
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Apr 2022 13:56:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=a426ad5d-99ef-431f-bab3-2e21aa2b83e1

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| STATIC_LPCDN_BASE_URL string| WEATHER_CITIES_ENDPOINT_URL string| WEATHER_DEFAULT_CITY_ID string| WEATHER_PATH object| ngAppGlobals string| __nuglif__webpack_public_path__ object| FIREBASE_CONFIG string| READER_PROFILE_API object| nuglif object| webpackJsonp object| googletag object| React object| ReactDOM object| regeneratorRuntime object| lpauth function| getUrlParameter object| eh object| dataLayer function| SHA1Encoder object| adsUtils object| LPOptable object| optable function| LPAdsGoogle object| _LPAdsGoogle object| _productGalleryCreativeTemplateIds object| _nativeAdTemplateIds object| LPAds object| pbjs function| LPAdsMagniteDecorator object| _LPAdsMagnite object| _sp_ object| refDetector object| authBridge object| stdCustomHTMLMsgBridge object| newsletterAdapter object| ngBraze object| appboy object| appboyQueue object| _comscore boolean| fbLoaded function| fbAsyncInit boolean| BannerAd_adsViewabilityComplete function| BannerAd_removeStickyness function| BannerAd_toggleStickyBackgroundOnScroll function| BannerAd_animate function| BannerAd_removeStickyWithAnimation function| BannerAd_removeStickyWithoutAnimation function| getPage function| setCurrentPageInSessionStorage function| isReloaded object| MicroModal function| sendVerificationEmail number| districtmMethod string| districtmVersion number| districtmRatio number| districtmHeaderTimeOut number| districtmRetryTimeOut number| districtmMaxTimeToTry object| districtmSsp string| districtmCurrency number| districtmAlone number| districtmCurrencyRate object| districtmAllowedSizes number| districtmAppnexusMemberId object| districtmEasyMap object| districtmExtSSP number| districtmTieBreaker number| districtmMemberId object| districtmCurrencyObject object| districtmMapleMega object| dmDomain number| districtmStart number| districtmStop object| districtmManualMap boolean| dm1x1 boolean| dmNeverCall number| districtmExec object| districtmBids object| districtmHeader object| dmWidget object| districtmGA object| FB undefined| f undefined| G object| ggeac object| google_tag_data object| google_js_reporting_queue function| pbjsChunk object| _pbjsGlobals object| google_tag_manager object| COMSCORE function| udm_ object| ns_p object| GlobalSnowplowNamespace function| snowplow function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken string| GoogleAnalyticsObject function| ga object| Snowplow object| __twttrll object| twttr object| __twttr object| gaplugins object| gaGlobal object| gaData number| google_unique_id object| NGBridge function| writeLocalStorage function| readLocalStorage function| todayDate string| size function| toggleSize function| getCurrentSize function| makeSmall function| makeLarge number| COUNTDOWN_START number| EXPIRATION_PERIOD_DAYS object| wall function| whenMessageViewed function| _saveData function| initialize function| displayMessage function| _datePastExpiration function| _makeWallVisible function| _makeCountdownVisible function| _replaceCountdownText function| connectButton_onClick number| lnt_z object| GoogleGcLKhOms object| startTime object| google_image_requests number| lpgtm_pageview_heartbeat

57 Cookies

Domain/Path Name / Value
.lapresse.ca/ Name: LPUID
Value: c73c4960-bf18-11ec-a9da-bd5beaa7670d
www.lapresse.ca/ Name: dmxRegion
Value: false
.lapresse.ca/ Name: OPTABLE_VISITOR
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjI3eUxSQUw1d3hDN2dEdVdVOEdqMXNWcXB1bSIsIm5ldyI6dHJ1ZSwiZXhwIjoxNjY2MDczMzY4fQ.2eZJktrKjNkWSRHUsp5A9t3fMb4bkG7IV-EHQ7pG3RRIVIAEPDjr8DL5HGVW0pspsWKb5Q8mHBHrs0VepwlZqA
optable.lapresse.ca/ Name: GCLB
Value: CJ_ZxKvBtvCfqAE
.lapresse.ca/ Name: ab.storage.deviceId.bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
Value: %7B%22g%22%3A%2256afa496-b3af-ef86-2b03-8f9c4cc129a8%22%2C%22c%22%3A1650287368839%2C%22l%22%3A1650287368839%7D
.scorecardresearch.com/ Name: UID
Value: 15F40403e4ddaf6599f66291650287369
www.lapresse.ca/ Name: _sp_ses.2863
Value: *
.demdex.net/ Name: demdex
Value: 42765631858399157960429088872384195218
.openx.net/ Name: i
Value: aedbea57-29ac-04bd-1ab2-509622836cf4|1650287369
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yl1jCQAC5SniWQAZ
.sharethrough.com/ Name: stx_user_id
Value: 892d38d7-acad-40ef-aa07-558d0a28a4bb
.creativecdn.com/ Name: u
Value: lF9RiSNv3HK4LbKN0psL
.creativecdn.com/ Name: ts
Value: 1650287369
.sitescout.com/ Name: ssi
Value: 159fb2c9-1f8b-4170-a4a6-f5154905ddf4#1650287369369
.lapresse.ca/ Name: AMCVS_842235765AFA9B840A495D4A%40AdobeOrg
Value: 1
.bidswitch.net/ Name: tuuid
Value: a426ad5d-99ef-431f-bab3-2e21aa2b83e1
.bidswitch.net/ Name: c
Value: 1650287369
.bidswitch.net/ Name: tuuid_lu
Value: 1650287369
.sitescout.com/ Name: _ssuma
Value: e30
.everesttech.net/ Name: ev_sync_dd
Value: 20220418
.rubiconproject.com/ Name: khaos
Value: L24QHNRS-10-CGPD
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEMvpDfe0kBUu1WuCoMxA8a+JUixCbOKdolQVmnFEBAWchIbRMPlKb95lqh1iC5q1rufByssOjV4SL5hAXvaZVpCltSZ/x8Ylg=
.lapresse.ca/ Name: _ga
Value: GA1.2.1565221256.1650287370
.lapresse.ca/ Name: _gid
Value: GA1.2.421913844.1650287370
.lapresse.ca/ Name: _gat_UA-2513326-39
Value: 1
.lapresse.ca/ Name: AMCV_842235765AFA9B840A495D4A%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C19101%7CMCMID%7C43023320713292330080367603811747975670%7CMCAAMLH-1650892169%7C9%7CMCAAMB-1650892169%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C-2015428620%7CMCOPTOUT-1650294569s%7CNONE%7CvVersion%7C4.3.0
.lapresse.ca/ Name: ab.storage.sessionId.bd8a5d7e-c725-4e5e-a457-4aed9b2d8fed
Value: %7B%22g%22%3A%2260a4eb26-c8d6-dbf6-1e50-c96c00346dad%22%2C%22e%22%3A1650289169742%2C%22c%22%3A1650287368834%2C%22l%22%3A1650287369742%7D
.adnxs.com/ Name: icu
Value: ChgIt6x3EAoYAyADKAMwicb1kgY4A0ADSAMQicb1kgYYAg..
.adnxs.com/ Name: uuid2
Value: 3748492465806001067
.yahoo.com/ Name: A3
Value: d=AQABBAljXWICEEMGASxwOuZT7n7OuPwKnhsFEgEBAQG0XmJnYgAAAAAA_eMAAA&S=AQAAAnqO4NFUZp0gssAip8Jm8OI
ca-lapresse-main.collector.snplow.net/ Name: sp
Value: 80eb7b40-0999-4ebf-8df6-65b2d90fcc12
.analytics.yahoo.com/ Name: IDSYNC
Value: 1929~24ed
.agkn.com/ Name: ab
Value: 0001%3AlZVs9%2FpTuDH%2Bn2ypCe3fFAM0MAKKECgJ
.openx.net/ Name: pd
Value: v2|1650287369|vMgahEkWgyiK
.doubleclick.net/ Name: IDE
Value: AHWqTUn3EnVnkG8E-cju_q_cG0AqYJW0BpkPOsQaIsVnQu_k_H0KzmegLAnAQ-lQufE
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ2JLQWJJR0d6STNlVXhTU1haaVMzTTBUWGxNYmxwWlJIVk1hRFJ4YVVsNU9Mb0dOd2lSVGhJeU1UVTVabUl5WXprdE1XWTRZaTAwTVRjd0xXRTBZVFl0WmpVeE5UUTVNRFZrWkdZMExUWXlOV1EyTXpBNUxUUXpOREc2QmlrSW1VNFNKR0UwTWpaaFpEVmtMVGs1WldZdE5ETXhaaTFpWVdJekxUSmxNakZoWVRKaU9ETmxNYm9HRlFpZ1RoSVFXV3d4YWtOUlFVTTFVMjVwVjFGQldyb0dBd2lxVHJvR0dRaXJUaElVYkVZNVVtbFRUbll6U0VzMFRHSkxUakJ3YzB5NkJnTUlyazY2QmdNSXNFND0iLCJpYXQiOjE2NTAyODczNjl9.rgu2UQGsTytBnt-F6xnfTaObp4SUkQ3GWawKdQepTNbGfu9EqM2A0QQjLiBfc9ofgab52PPEoUZ6sgEdufSa3g
.demdex.net/ Name: dextp
Value: 21-1-1650287369842|601-1-1650287369943|771-1-1650287370044
.dpm.demdex.net/ Name: dpm
Value: 42765631858399157960429088872384195218
.adsrvr.org/ Name: TDID
Value: 4154b7b7-5914-45d2-8916-bc157614f00f
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjMoNb47NHQOhAFOAE.
.turn.com/ Name: uid
Value: 2646674789086349524
.openx.net/ Name: univ_id
Value: 537072971|4154b7b7-5914-45d2-8916-bc157614f00f|1650287370153403
.lapresse.ca/ Name: __gads
Value: ID=8c1ac69d05438588:T=1650287369:S=ALNI_Ma-fuJIaoV4Fl3ZrydzqrVtiXBmlw
.lapresse.ca/ Name: __gpi
Value: UID=0000043b44e20449:T=1650287369:RT=1650287369:S=ALNI_MartVzaXWQMTf5C-YfoKuGxwnu7aw
.casalemedia.com/ Name: CMID
Value: Yl1jClzpsnrLXV4fjtkjGwAA
.casalemedia.com/ Name: CMPS
Value: 463
.casalemedia.com/ Name: CMPRO
Value: 523
.casalemedia.com/ Name: CMST
Value: Yl1jCmJdYwoA
.33across.com/ Name: 33x_ps
Value: u%3D211694453070031%3As1%3D1650287370300%3Ats%3D1650287370300
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiMzc0ODQ5MjQ2NTgwNjAwMTA2NyIsImV4cGlyZXMiOiIyMDIyLTA1LTAyVDEzOjA5OjI5LjczNzUyMVoifSwicnViaWNvbiI6eyJ1aWQiOiJMMjRRSE5SUy0xMC1DR1BEIiwiZXhwaXJlcyI6IjIwMjItMDUtMDJUMTM6MDk6MjkuNzM2MjIzWiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LTBsa2QwQ2xFMnVGaHpzdWJzcGZQd3cudDhFV0pCYks1fkEiLCJleHBpcmVzIjoiMjAyMi0wNS0wMlQxMzowOToyOS45NDYwNTRaIn0sIm9wZW54Ijp7InVpZCI6IjQ0YTk1YWMxLTM5YjQtMDhhMy0yYmU4LTU4NmJjN2ZmOWQ4NCIsImV4cGlyZXMiOiIyMDIyLTA1LTAyVDEzOjA5OjMwLjAzNTg5OVoifSwiaXgiOnsidWlkIjoiWWwxakNsenBzbnJMWFY0Zmp0a2pHd0FBJjUyMyIsImV4cGlyZXMiOiIyMDIyLTA1LTAyVDEzOjA5OjMwLjMxMzgyMloifX0sImJkYXkiOiIyMDIyLTA0LTE4VDEzOjA5OjI5LjUwODI5MloifQ==
lapresse-ca.lapresse.ca/ Name: _sp_v1_uid
Value: 1:298:c5e6e746-aa4e-4a68-8649-66e8ea780af4
lapresse-ca.lapresse.ca/ Name: _sp_v1_data
Value: 2:176348:1650287370:0:1:0:1:0:0:c3ca6b62-fae4-4421-acca-7f44dacd6353:-1
lapresse-ca.lapresse.ca/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlWIBBrfP6SgAAAA%3D
lapresse-ca.lapresse.ca/ Name: _sp_v1_opt
Value: 1:
lapresse-ca.lapresse.ca/ Name: _sp_v1_csv
Value: 2.0.1197
lapresse-ca.lapresse.ca/ Name: _sp_v1_lt
Value: 1:
www.lapresse.ca/ Name: _sp_id.2863
Value: 86feb510-417e-45af-bb9b-30e3cdd2e39f.1650287369.1.1650287374.1650287369.4745aa45-dc80-4021-b973-ac1ceb7ee968

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
c.bing.com
c1.adform.net
ca-lapresse-main.collector.snplow.net
cdn.adnxs.com
cdn.districtm.io
cdn.jsdelivr.net
cdn.optable.co
cm.everesttech.net
cm.g.doubleclick.net
cm.smadex.com
connect.facebook.net
crcdn01.adnxs-simple.com
d39kx4ztdxg7cf.cloudfront.net
d3q7vxy7usqoub.cloudfront.net
dmx.districtm.io
dmx.us-east-31.districtm.io
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eef6626c5977a7fce7a93ce35fd0f32a.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fsm.lapresse.ca
hb.districtm.io
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
js-sec.indexww.com
js.appboycdn.com
lapress.demdex.net
lapresse-ca.lapresse.ca
lapresse-d.openx.net
match.adsrvr.org
match.sharethrough.com
micro.rubiconproject.com
mobile-img.lpcdn.ca
nep.advangelists.com
nym1-ib.adnxs.com
optable.lapresse.ca
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
sdk.iad-06.braze.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.lapresse.ca
static.lpcdn.ca
stats.g.doubleclick.net
sync-tm.everesttech.net
syndication.twitter.com
tags.rd.linksynergy.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
us.creativecdn.com
use.fontawesome.com
weather-api.lapresse.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lapresse.ca
www.summerhamster.com
x.bidswitch.net
rtb.mfadsrvr.com
104.127.172.242
104.16.68.69
104.18.100.194
104.244.42.72
104.94.205.31
107.178.246.49
107.178.254.65
13.249.42.30
13.32.181.20
13.32.207.122
13.32.207.54
142.250.80.2
142.250.80.70
142.251.32.98
151.101.129.108
151.101.129.208
151.101.2.49
18.213.237.106
18.214.156.126
184.29.129.7
184.85.195.135
185.167.164.37
185.184.10.30
199.38.167.128
2001:4998:14:800::1000
207.198.113.176
23.21.165.102
23.57.136.222
2600:1f18:4e9:5a05:1b13:1c6e:1524:1b17
2600:9000:2015:3000:5:18cb:8bc0:21
2600:9000:2191:ac00:12:1ab1:10c0:21
2600:9000:2191:d400:1a:609a:6780:93a1
2602:803:c002:200::42
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:3033::6815:3f36
2606:4700:4400::ac40:98f5
2606:4700::6810:5814
2606:4700::6812:16e6
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2008
2620:112:f002:bbbb::21
2620:116:800b:21:f803:c51b:4d23:ce8c
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
3.67.191.1
34.120.235.16
34.199.117.108
34.199.129.36
34.232.5.62
34.75.117.5
34.98.67.3
35.161.29.14
35.170.211.88
35.190.60.146
35.211.178.172
35.211.233.246
35.244.159.8
35.244.223.138
52.205.101.70
52.206.220.219
52.223.22.214
52.223.40.198
52.46.154.242
52.54.48.13
52.85.151.50
52.85.151.86
54.175.87.114
54.187.35.166
54.204.175.169
54.234.215.67
67.202.105.22
68.67.179.122
68.67.179.77
68.67.179.91
70.42.32.63
8.43.72.98
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0541499190c257a83eb557812148f5bce92574373eda8555b3c0fa5163df3cd9
05cd1116afa11dc2f13b29580dc1cc53f74f85b8b3b3d90ffda5ff473c7208da
06750c68194e94052e0208593948e7c4b1df48fbca94f4bdfe6379ef2f6df8cd
07cd227ab474a1200ca4e88416c5eec10f0deeb523cc6acc75605c030eebd837
08153ebc7d42d5d97501540301c0762b83fc730e7fe98c3d7d5a3e6d6a4fc43f
09aa4c6ef4da4b84a025461bca4967ea5a7cfc621dd79387699c3cb7a370afdd
0ab44da9546990b3346fd6aa079cc04e2ccef74614b7e4b000b6ace2c201152b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d004688c894ca15df2457a3527f2298e631915591060943334b31adc5a51d2b
16b7888898abf64320bc050b8b5d6130512009e4cd3bc7a79c4aa7fef86dd1b5
173078d535d76a1a59b63c2c734f84b85b1fb25dff383364a172ef4c911cbfe4
186cb283aa7c5fd62ed21f5777ef3877b0efc23ca26f558ee57f297c8b7f8c47
1b5cee0109353d37e842aa6efdd169416ca2b5217b75a1d77fa6b8f530c76147
1bb7bd21c82b57eaeff560f32e76de5b43c213a7e395d32fb51d5699282bfb08
1ec52a76e85955e8f96a6e3ade8d4e61c3cf475705ace7815a7e61cd917d0408
23e826df4ca1aecfb11e58ea8a162cd84a41f389c46baf708925e581ba1775de
246eb714db7565cf5da65b96b8f18e7e061d13907fc658916ec53091b40393dd
24becdf0e263b4503af3fc72edabf21a8df2a948c03c1271bb31ecf922cea28f
26388d7e63ae0e512ea20d978dd7cbffc1c68e6e2573d713aae072c9b5852fc4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2bb8f9a0e279d3e95b0b19a17ba73f354279f1352aef6acb4fc190c58ed82cc6
2dc02691e408070230271f3d8c0a553eeeb94a62d06aac20aa55e38ba19479db
2dd611ead5c6fcb9b5f54cd5d2a1e92d08b2941cc0ecc18e39e24ba027d1cd64
2e9882f993a11f198b9e2ab401157cb989995321796ab99ea2a358e5df869686
2ebcf563dc54c8e7c031b0287a82322808038e9458ab17bfef16925596a458f3
3275604aa8f298c6db216b047048bfa0d8c6b80c5f1b1714276e6f013d6608c8
334a7e3d2c50ba3ba1ee01293971a9a1791d677c8585e29ddfef4ab4c1d923ab
373cb6dcfcbcf42158b4fa7aebae4eefa0c6adba106f0afb1ca5de4b98a815f6
3964e54fa3f7291aaf676f53b783a805a9afdd99d0383f3d9383a291ce74c1bd
3aa3e3d51f2bc3abbd25d0f772b38f4ac5f5a08a5ebab2e707226a1879320632
3b0168787d34ab8638d54f25ec5018978846da7cb18784a8bb255af0fc081e33
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c67fb6d21875ff35b3774b2325d3690739226b4f28cd5b523a9d5804621ded5
3cdb1c0a483c56e6d1a7e0793f8ddae5e9d3fa318feba5e3874a1b1efbe0bac7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409e946ee56a35e907820c2949f90861af0e501b365e5291e74b62cd599c6aa4
40d5c6d31376c8c952e2ca6d4c78aa717bff53ee6338a47c9851ba8e9edbbf20
4350db5fa611e306d165ad0350f059cab2b13abcce5d64ef0cac9108118f6c9f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4baaa254820b6daef2b169f3cda417efbf6f442ec482f0da0dee98858898d391
4c0389121d81022c7f89d63f0926885b1367856d5fe49d64e375871f5f495caa
4d0b406b2e4ba081649443ea0069bcddfd89bd67c4e2d33b4c576b2b78a85e8e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fe22ecddd2baea2695484d56ce732ea4bb77adb05dbafc817a15db462c3f5e1
50030e1cf1d7be1d3080a7caf68057c49ea1a2265beaabe45c98c7244b2e3756
50a55568d635423220243afd58ab9ce70b3e5143b004e0bd8a85411d9abf5e06
517310c55e9701db6091fb5e4dbe37ee7bf6b9364a27e0e54d997324c2c8bb8b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b73ce0d118a4e0ee9ab13fb07c3c37fa181d6467e2c0924c1b86429a51058
58126d4bd262e4620e0603fcfd2a5faf1b060d5f4c17b252308ff6b0b46f51ea
59c2dcbc65cbef0ae4fdfd578b8a7ff58acc133938c04024141b9f6825b4170b
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5cea7a0a46e4ea964a2d42d6ca2e347ff23f8eaf83d3b8eb54aa3cd96ee1bbb9
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5d30255517408c67473431c1f73cce42236ffb541860d7e6813a51dfad8a0d12
5d342b26325fd79aa27f7a5502e58b8e3ace5e8b85cb530d2bb05fb71751ed1d
5eda896fbd669382f68454ff2d967dd5c8ba438876b775d5a45997b2cb8d0957
5fb9f7ed4dc065e3eabcc61d85fabe2ae063cdf18c1407ad9ad66e0aebc9e698
60d8ce6da085b6780e03223b932112acebbf6e949125f66f59c4093eb55cffe7
61508aea870a5836cb30629bea43f82944a1cdd7aef1858840da929df632acaf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620cf5797c896715d86ce6785903f4f9ded5179681d94dd6280ccfe00f8fac45
622d17b02731b2bce231bf2449f8d28f6ac57d66afca3748ab2a907f88c96c92
661f1e31a2bc6aa9cd8768897c810929c069c2843ec43687de13fbf3313f33a7
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6bfc38b69259f55ceb2381e9ba89d28e7692f270caa695da72022ca13f30d80f
6cf0714c8a65a93adfd9b25e551d1b0e1bf2167a72cbfefb3baab24a13ba0536
6d970b71308477cbe85d7e95f9a27c9afefc62c02fd83cc2790fbdb672653956
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
732897ea45f2975319e20dabc39dece68c41a399ffee63264e6c86ec530d1c94
73d215ca413e00af49c2aac191e0c1222767ace69ffc18330cfa628c356b1ef5
7529f8da6319de8782b0d5d58d7d68dbdedb1a38104fa47a96bbdd76a06c759b
77d01d19a9f870f70f0203d361bff73d0e28f8cbd924ff2a850eaec5e604a355
77dd4344740659eff375fa0110b782fbba46a5be0e0c332aaa3a94334968187a
7a60eca89c8c684b921fd907e4025a3f5948537dbfcdbc334134138b8f2aad4a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d181314e260d6ead0f68e3bbe9a702afae592fc3b9fe3f82fca933d3ad443c3
7d397108208666f938462411789d0183271407c800b21c9dfdeedd62600097c2
8009cb491f0d11e9ed2ba1a9cef551ab165e1b0530c64b1ee41f145efe30b940
8226d47eec9155ef81b7bde9a99588000b6fdee2aa8566f3a2ab35ffdc672ad5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849093d3a294d5ad60cb9af46fdd6cfe4bafec7c9b80a93ca004c4b5685c41b2
85f16a549845ce8fad1a4fb2449b4b58b603ef65c173f9000e5468acb9d591be
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
8eb7acd7dd23fb4531a9b3485312a2a43a42b6a7fd1180c275561d15679dca06
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
939468b91f1a598caa8af8f7680375b9cf537860bf326d3c936a2dffd509fc8b
98b8710a50aa8d516c849cf111d1b45a06b4405502f14ef6af8ac23e22c90f53
98e4e1368808bb6ca705cebb935a15e1a7f2bd0e6fbbf92e0df2e2e8fdf3e889
99ac816b389ee1637433b4b96ab4ec0d7a96677760c74267860a76de52556799
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1e8085d927bc7de200f56905ec94d33d1c0c450faa766dab19754cb9cfc578
9c221f81130938a9aea113296583f96047dd14b7571b682e8a187066cdf76771
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c5ca94e4440f2d1c890475696805b80db7fa07a9fc8b16e7e8202caa5ae692c
9de61e723f71ecad9e2966704febad3226eeb4b415236246d06ea41f43fad3bf
9f75e2c8fe37a7b61acd14a96df8da75256a8dc05321022812259d2f0d0fd65b
a033b5698daf7eb6e5364904aea4cce364b08ed174973bab144399aa3fa31340
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23b4c0d340b6ca52e350d956c0acc158fa755404dbe5816f110472a6e4bf1c3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dcd5e1129cf02c658dd50a54ac91914f1ea53509a393dc75f1a4f392b62063
a4de31f7c7a597261b433a2c345c948996685fab0ee4abe6bbcc59ba7b2096bf
a6ca578227915ccb7c94bf948770521b06f2f3f3287416fb61087a5d0c0462b4
a6d75aad5c009d0bdf36d4c1d68d90e2848460fce782adb137819228842eefe0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a745b501bcbab9a4d025e75e61877ce85114a5253c25ea75082c41fbda37c100
a8f0cf644204f8535299988641c75229b2a639ec67f31af2515642e624aebee1
aa541c89d81f39ec58fd001737774f1c9b34222ef93ae6038c4ab788882dbf23
ab258e0c74a6102c5388fdeda986c1644fcd43b6eb798e8a3a3e7b8e58fb5824
ab55c80b468a21ea49127cac5ab92ca836b91106a543a3a2b6ae2f54ce11412f
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
ae8ad1d8d59139e432ab1e7b2cd140482897ae2725ccb13099e79172ba5d69b5
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5292ee5c28832f36ee3d1ffe6b87143a29b5de792d071391385d3e7c338bebf
b573c8cfc5eb5ad392bff14b2eab5acd98eeb8a2d822e6e8e8552f9e69ef69c3
b9fa1e983879d28bdbf5a2a40a51a80bf9550ec8e6b120b773ac76770a4f218a
ba240e4860fc14034e5ca168222bf1c88ba0f381250840c1dce3a399062bfa45
ba657f58e8d57ad9aa7fb2066eb645fd3069dc1441b66fe93c1a9c3dda4b2c00
bac2e52762088b462c7ae6dff6fa381d1c0e42514af3d09775b64a7f47951920
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbad4b8cca5825aaf37ec9e26b3b382dc3dbed8be33468dc054482d5d7dba052
bd81fc897dcd430d6e6646357b912943aaa0d3a1bcd87068980566584ddebf23
bdacdc46e7b9d5c234190045f385abfe9af5eed84635d0fd00ca9319ec6da780
be3cb8d9ec0863e9e6f3b9952b38c3d4a2d13b9b016b66387e5310da04279afa
bf84456b8409baeba959a34d245627782a706867591fcedfb44e8d353637eac4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4215ea05ec0cacec7034528057b0d62014cd9cecec1c7100fd68f9c6d5d35a2
c46883da0c8fe7082a9fda3abd13b1607161b0c41ed014a78329d467fa7c5a2b
c4af7b9143734d605e39076e4eb1ac4dcec36306088165bd5d978ad0085ffe3d
c5e4d1c7264d47c8b9a43e08ceb32a5ce8ded0fcef5896c0dbc390f45ce56271
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c80674bb9706bfdc22434bb40754797ad2509c46549ed5745a21d4bc2f14f5a6
ca82094deb9c694d98cc5100b4aa02c7800c307c348124004d1bc260a1009c80
cb34dc463bf068906b3f2231a2dcf97f45c9eb45c2d675b0c8358af1afaad138
cb90be8137438dd46a830662e1f7f9208072736e0dc2bbb85b053758db93f1de
cbab4d04bc5903e30d522b8555c687f2448747555cd1a291c6baa804b191b296
cd387609fa550bb68f521d047df0a8cea3016321e0714444b9459b8c5109e7bf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf94621194b49d5d19ba1a2ae457775f42d4a05f676d76c8a42996ff01fcc2d1
d0c69e31e3c1db7a798c72891453768d8e214c38886aa9932211650026a19799
d160d02181f20589275bbcb383d5300c69a4ab370bfc9b79b4eeec8c9f25de10
d26f1ac92124c77f1e72f8ba2d879c2c5a4f91a6721f4b5f33ae8fb0309bbf79
d362cd1471dbed84ed7f8eceede9d9f0a11e1cc511e7dea338f89c3b3f4c54de
d3d486c7e3bd045b501ddbc559be1ec8a1fb68a5a8d2d7fadb2562ddb88e8186
d40b62025b1f215731a53416765c99fd66a7ba2e3effc9fd65c871da7045ac69
d4a5654f84073dbe56eccb4541665ded0761004906eacc0edc9b37258f5733b9
d9ef98de23379bca12097fcab0eb9fbc8193fc2a9855199598dc291a0a450b8b
dac95d1c7d0868b967c94ae9286452cc3997dcb75702af2cbb99083d693db884
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df801b185b8aba39ef4e5f1ade3535d69b5103348ff38d039a3972490ce3de72
e098b78823dc25629ef63339839072348ef02d7f638cc1d0aadbb0adb7d8d78c
e171fe37b2d1df70943a2394b05b89eee6461b567d0c3e976702441df86eae9e
e2d20ec3a0597f3e62105614471728cec8ebbbac6734d69f9b080299e63404a1
e3113f69bb04f4800ae206915ee9ca4970d6141040a035a8d9f95bbcbd2cd678
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a3df064a39618e1ab9be6897b9d54cae721a409a77615c80f1630d45ec06d
e467e1354ec82b4ff98938872632fde03a71f319cece7f22127259d7ca69ab6a
e478825a20956f3a8db69e678e93dde9fa56e623913abe1e09a2a574767c490f
e83c3c9efaebd33130583cc52d7a1c45d3e6394bc3e817b0b47118e0d35c6fa6
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
ec4c80b321ed5d59dc12a4212f7281728bae6b8e923bda8f67a433ce38de81b1
ed748f1d8bde54b47c50c3389ab131ff86b26157a214275c913e0a1463e425e7
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a99c7545437e028b02c1f0cc958715b10c1855d3fc324cebe064c7944ae2a8
f250cde45af664b863b0edcd2405c154abd64aed7c7ac07b61fb1f99f4887575
f2fcd55bdc5ecd10984851ed5f12d098f5a994f57562bc0d8cc77e2bbe13c8a0
f345c5eba45299fc4c711ecfa92a5376e6e9aa1aa11f7acc298c9c38cff9333f
f3a6eb4fe2d425ab192314b31cd7df720126cc095050fcccb552c9f611940500
f624b9b965b9e523920e2b07afc097427a5477c58013ee33dab9aa80477f1350
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
f9c4765c061c38e936b5999e2e7630787b616e07e71d0d0a3096c998b6712001
ff115de13b78301a98b4b805874f47cfa1ec0aecadeb11c723cc257a7b1d4bb9