oauth.airmiles.ca Open in urlscan Pro
2606:4700:4400::6812:2675 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.prod1.programnews.airmiles.ca/r/?id=ha6b97418,7e229fa,5bf9bd
Effective URL:
https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlq...
Submission: On December 07 via manual (December 7th 2022, 7:49:05 pm UTC) from CA — Scanned from CA

Summary HTTP 43 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 43 HTTP transactions. The main IP is 2606:4700:4400::6812:2675, located in United States and belongs to CLOUDFLARENET, US. The main domain is oauth.airmiles.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 26th 2022. Valid for: a year.

This is the only time oauth.airmiles.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.99.14.233 3.99.14.233	16509 (AMAZON-02) (AMAZON-02)
1 3	173.223.64.193 173.223.64.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700:440... 2606:4700:4400::6812:2675	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:800... 2a04:4e42:800::282	54113 (FASTLY) (FASTLY)
2	52.217.40.46 52.217.40.46	16509 (AMAZON-02) (AMAZON-02)
2	2600:1402:980... 2600:1402:9800:594::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1 1	159.175.66.11 159.175.66.11	26567 (AS-LMGC-T...) (AS-LMGC-TOR-01)
4	54.231.236.193 54.231.236.193	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
4	52.5.17.211 52.5.17.211	14618 (AMAZON-AES) (AMAZON-AES)
1	35.173.117.185 35.173.117.185	14618 (AMAZON-AES) (AMAZON-AES)
6	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
2	54.237.134.210 54.237.134.210	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.220.196.113 3.220.196.113	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
43	17

1 3.99.14.233 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-99-14-233.ca-central-1.compute.amazonaws.com

t.prod1.programnews.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.223.64.193 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-64-193.deploy.static.akamaitechnologies.com

www.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2675 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

oauth.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.40.46 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1402:9800:594::1e80 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:816::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.175.66.11 (Toronto, Canada) 1 redirects

ASN26567 (AS-LMGC-TOR-01, CA)
PTR: origin-www.airmiles.ca

airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.231.236.193 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

airmiles-fonts.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.5.17.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-17-211.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.117.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-117-185.compute-1.amazonaws.com

starget.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:816::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.134.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-134-210.compute-1.amazonaws.com

loyaltyone.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.196.113 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-196-113.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gstatic.com www.gstatic.com fonts.gstatic.com	562 KB
8	airmiles.ca 4 redirects t.prod1.programnews.airmiles.ca — Cisco Umbrella Rank: 551468 www.airmiles.ca — Cisco Umbrella Rank: 397167 oauth.airmiles.ca airmiles.ca — Cisco Umbrella Rank: 303120 starget.airmiles.ca	298 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 405	48 KB
6	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 222 loyaltyone.demdex.net	9 KB
6	amazonaws.com s3.amazonaws.com airmiles-fonts.s3.amazonaws.com	1 MB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8016	564 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	126 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 471	103 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1037	829 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1131	517 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1528	417 B
43	13

	Domain	Requested by
6	www.gstatic.com	www.google.com www.gstatic.com
6	www.google.com	s3.amazonaws.com oauth.airmiles.ca www.google.com www.gstatic.com
4	dpm.demdex.net	assets.adobedtm.com oauth.airmiles.ca
4	airmiles-fonts.s3.amazonaws.com	oauth.airmiles.ca
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com oauth.airmiles.ca
3	www.airmiles.ca	1 redirects oauth.airmiles.ca
2	fonts.gstatic.com	www.google.com
2	cm.g.doubleclick.net	2 redirects
2	loyaltyone.demdex.net	assets.adobedtm.com
2	www.google.ca	oauth.airmiles.ca
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	s3.amazonaws.com www.googletagmanager.com
2	assets.adobedtm.com	oauth.airmiles.ca assets.adobedtm.com
2	s3.amazonaws.com	oauth.airmiles.ca
2	oauth.airmiles.ca	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	cm.everesttech.net	1 redirects
1	starget.airmiles.ca	assets.adobedtm.com
1	analytics.google.com	www.googletagmanager.com
1	airmiles.ca	1 redirects
1	polyfill.io	oauth.airmiles.ca
1	t.prod1.programnews.airmiles.ca	1 redirects
43	22

This site contains links to these domains. Also see Links.

Domain
policies.google.com
airmiles.ca
www.airmiles.ca
www.loyalty.com

Subject Issuer	Validity	Valid
oauth.airmiles.ca Cloudflare Inc ECC CA-3	`2022-07-26` - `2023-07-25`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.airmiles.ca DigiCert SHA2 Secure Server CA	`2022-03-19` - `2023-03-08`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
starget.airmiles.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-11-10` - `2023-11-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Frame ID: A416F92AE012B5041A164352418F4F21
Requests: 29 HTTP requests in this frame

Frame: https://loyaltyone.demdex.net/dest5.html?d_nsid=0
Frame ID: 348C1A2C5FC8821DFE71E6009DFD4BAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=fr&type=image&v=kIwrVVm2NtNiYWIMfmAv61AP&theme=light&size=invisible&badge=bottomright&cb=jsq4a2uzm6vw
Frame ID: 8BF4AE4045CDA7706AB9E6E1233F2D1A
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=kIwrVVm2NtNiYWIMfmAv61AP&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
Frame ID: 2E9961668B8C207CF6BB9B68521D60E5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AIRMILES | Ouvrez une session

Page URL History Show full URLs

https://t.prod1.programnews.airmiles.ca/r/?id=ha6b97418,7e229fa,5bf9bd HTTP 302
https://www.airmiles.ca/fr/profil/convertir.html?utm_campaign=63357_auth0_admin_20221207_20221213&ut... HTTP 302
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&resp... HTTP 302
https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3Rp... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

43
Requests

91 %
HTTPS

50 %
IPv6

13
Domains

22
Subdomains

17
IPs

2
Countries

2568 kB
Transfer

3869 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy?hl=fr-CA
Title: politique de confidentialité

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=fr-CA
Title: conditions d'utilisation

Search URL Search Domain Scan URL

URL: https://airmiles.ca/fr/adherer.html
Title: Adhérer

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/arrow/login/FindMyCollectorNumber?changeLocale=fr
Title: Récupérer mon numéro d’adhérent

Search URL Search Domain Scan URL

URL: https://airmiles.ca/fr/profil/id-utilisateur-oublie/recuperation-de-id.html
Title: Récupérer mon Courriel

Search URL Search Domain Scan URL

URL: https://airmiles.ca/en/login
Title: English

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/fr/aide.html
Title: Aide

Search URL Search Domain Scan URL

URL: https://www.loyalty.com/fr/home
Title: LoyaltyOne, Co

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.prod1.programnews.airmiles.ca/r/?id=ha6b97418,7e229fa,5bf9bd HTTP 302
https://www.airmiles.ca/fr/profil/convertir.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert HTTP 302
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&response_type=code&audience=airmiles-web-collector&redirect_uri=https://services.api.airmiles.ca/services/airmiles/sling/no-cache/authenticate&state=member&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert HTTP 302
https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png HTTP 302
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

Request Chain 24

https://cm.everesttech.net/cm/dd?d_uuid=44713896673181090283749206232382771556 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5DuLAAAAJ4I5AN-

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDQ3MTM4OTY2NzMxODEwOTAyODM3NDkyMDYyMzIzODI3NzE1NTY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDQ3MTM4OTY2NzMxODEwOTAyODM3NDkyMDYyMzIzODI3NzE1NTY=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC4j9kMZw9xlb3uKGQd_5qg&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 31

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=44713896673181090283749206232382771556&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-D_DWhgVE2pG4NFZG6egbqhUxu9kDl__CEOo-~A

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
oauth.airmiles.ca/
Redirect Chain

https://t.prod1.programnews.airmiles.ca/r/?id=ha6b97418,7e229fa,5bf9bd
https://www.airmiles.ca/fr/profil/convertir.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&response_type=code&audience=airmiles-web-collector&redirect_uri=https://services.api.airmiles.ca/se...
https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE...

4 KB
4 KB

182ms
180ms

Document
text/html

2606:4700:4400::6812:2675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2675 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5427cbdf3304a90ca8d8c741f262f899bfb7dbdef040c98946f78863424b799

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 775fc8304f38ece6-YUL
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 19:48:59 GMT
etag: W/"e1b-0Tq08U81TWF/8n4E7X4gkOjVztE"
ot-baggage-auth0-request-id: 775fc8304f38ece6
ot-tracer-sampled: true
ot-tracer-spanid: 386cd4635b2ac5f8
ot-tracer-traceid: 6eaeb26a6734e56c
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
traceparent: 00-00000000000000006eaeb26a6734e56c-386cd4635b2ac5f8-01
tracestate: auth0-request-id=775fc8304f38ece6,auth0=true
vary: Accept-Encoding
x-auth0-requestid: b9f8762f5924db7076b3
x-content-type-options: nosniff
x-frame-options: deny
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 775fc82ead66ece6-YUL
content-length: 1294
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 19:48:59 GMT
location: /login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
ot-baggage-auth0-request-id: 775fc82ead66ece6
ot-tracer-sampled: true
ot-tracer-spanid: 5854ba9b5552e94b
ot-tracer-traceid: 4279616e572598bb
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
traceparent: 00-00000000000000004279616e572598bb-5854ba9b5552e94b-01
tracestate: auth0-request-id=775fc82ead66ece6,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: cec7466aef1e20f1b511
x-content-type-options: nosniff

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 51ms
22ms Script
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=es2015
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:48:59 GMT
content-encoding: br
last-modified: Wed, 30 Nov 2022 17:02:06 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/108.0.0
server-timing: cache-yul12826, PASS, fastly;desc="Edge time";dur=11
accept-ranges: bytes
content-length: 94

GET
H/1.1 200
OK gtmDataLayer.js Show response
s3.amazonaws.com/prod-amrpext-auth0-login/ 355 B
762 B 122ms
66ms Script
application/javascript 52.217.40.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/gtmDataLayer.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.40.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1a0e46b8cdee9e8af9b0cd555d33c82b3b920509ecf48a0c49b8b45074e266a3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 19:49:00 GMT
Last-Modified: Wed, 22 Jun 2022 12:35:47 GMT
Server: AmazonS3
x-amz-request-id: B5F4QWD7D7G2THT6
ETag: "26b4c91e6ed7cb7bd0e6de46903ebc04"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 355
x-amz-id-2: SIuTgkgHHqsq8JRQuWwO46D2LeBJoaQkPzqbMbGLdol4KZP9tNk15JwXo595P8sN+We3Bzigm2o=

GET
H2 200 launch-29c1aee2883d.min.js Show response
assets.adobedtm.com/cf65343579a7/3196a1cd60be/ 329 KB
102 KB 240ms
39ms Script
application/x-javascript 2600:1402:9800:594::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1402:9800:594::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 57709066bf6d023273173027dbddfdf2616578f524c9360f3fbb6e87740fab47

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:49:00 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 14:41:05 GMT
server: AkamaiNetStorage
etag: "96b278a64915ff92bf38e9e96c0ea8fe:1669646465.433522"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 103861
expires: Wed, 07 Dec 2022 20:49:00 GMT

GET
H/1.1 200
OK auth0p.1.0.140.js Show response
s3.amazonaws.com/prod-amrpext-auth0-login/ 1 MB
1 MB 115ms
59ms Script
application/javascript 52.217.40.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.140.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.40.46 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 78952943632e3c1c3b3313ba757aa35b716e9fca299604f1a8db3b8a83319ca6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 19:49:00 GMT
Last-Modified: Thu, 17 Nov 2022 15:08:59 GMT
Server: AmazonS3
x-amz-request-id: B5F3G65DYCMZF1TC
ETag: "0b1f1ef66f9d5d2c74c3a3786093aece"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1310458
x-amz-id-2: L5vzfN8kZiXedH2ev8e5u13E3z7uZYrdQxpwHe9YJMSmg/2uY2zeM1mE0r4AtrjgyyOBatL8pOM=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
52 KB 88ms
39ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/gtmDataLayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8176d76366bbc4d4d305b43ec72f4beea505762fcb7b7a9cea816c726fb3dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:48:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52389
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 19:48:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 18:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4442
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 20:34:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 77ms
33ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e62b82e83927e214346a81bd6ce643d9f565c74dba8fde8b0a46647cc2017780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:49:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 19:49:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
992 B 120ms
67ms Script
text/javascript 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34293ed931eff4c4e2745325de4be61d61dca201dc9cfcb55ba16f138459d3fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 19:49:00 GMT

GET
H2

200

AIRMILES_NOTAG.png
www.airmiles.ca/content/dam/airmiles/ca/en/homepage/
Redirect Chain

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

13 KB
13 KB

24ms
23ms

Image
image/png

173.223.64.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

Requested by

Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert

Protocol

Server

173.223.64.193 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-64-193.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd3e0886413ad534cc1d803be54d6911870005163bc22377dbbe49a0811676a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .airmiles.ca .cxtrvl.com .adobe.com .adobemc.com
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=*.airmiles.ca
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors *.airmiles.ca *.cxtrvl.com *.adobe.com *.adobemc.com
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 19:49:00 GMT
x-vhost: publish_air
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 13215
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Oct 2021 20:45:30 GMT
server: Apache
etag: "339f-5cda11c31ae80"
x-frame-options: ALLOW-FROM=*.airmiles.ca
content-type: image/png
feature-policy: geolocation 'none'; camera 'none'; microphone 'none'
accept-ranges: bytes

Redirect headers

Location: https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 AM_FR_2021_Card_Angle_200pc_RESAMPL.png
www.airmiles.ca/content/dam/airmiles/ca/fr/homepage/ 275 KB
276 KB 31ms
30ms Image
image/png 173.223.64.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airmiles.ca/content/dam/airmiles/ca/fr/homepage/AM_FR_2021_Card_Angle_200pc_RESAMPL.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.223.64.193 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-64-193.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c7e9db7516e1931769de448ee19b852670ffe81bc27b9e5133ea63d25b14888e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .airmiles.ca .cxtrvl.com .adobe.com .adobemc.com
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=*.airmiles.ca
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors *.airmiles.ca *.cxtrvl.com *.adobe.com *.adobemc.com
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 19:49:00 GMT
x-vhost: publish_air
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 281606
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Sep 2021 04:46:50 GMT
server: Apache
etag: "44c06-5cd2f22874280"
x-frame-options: ALLOW-FROM=*.airmiles.ca
content-type: image/png
feature-policy: geolocation 'none'; camera 'none'; microphone 'none'
accept-ranges: bytes

GET
H/1.1 200
OK archivo-regular.woff2
airmiles-fonts.s3.amazonaws.com/ 12 KB
13 KB 119ms
50ms Font
binary/octet-stream 54.231.236.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/archivo-regular.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.236.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 19:49:01 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:23 GMT
Server: AmazonS3
x-amz-request-id: 45E7AG6XFCV064S2
ETag: "2c86cd470c4a37013e3bd26918617dbc"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 12516
x-amz-id-2: 1LKfzoBFCW5fCJ0/piangf7i9m1G0fmevzO9DRbu0rHl9Nz21hJil5n6LQjAjaMVqE0rayA98g8=

GET
H/1.1 200
OK montserrat-bold.woff2
airmiles-fonts.s3.amazonaws.com/ 20 KB
20 KB 116ms
51ms Font
binary/octet-stream 54.231.236.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/montserrat-bold.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.236.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 19:49:01 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:16 GMT
Server: AmazonS3
x-amz-request-id: 45EAYRCD7KQVMSZT
ETag: "7bad4a6005ffca3966b2a099250e0638"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 20040
x-amz-id-2: e4e/4hXikwPtWwQEd4Y3hRWVQaFRnMmAeTmRZa1pfze0VlDC4c1IrwOYJcLTHSKH21zcIFc0EaY=

GET
H/1.1 200
OK AM-icon.ttf
airmiles-fonts.s3.amazonaws.com/ 77 KB
77 KB 115ms
50ms Font
binary/octet-stream 54.231.236.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/AM-icon.ttf
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.236.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbc31236efcb01ab9ce0c1f3be3ed041cdc2b87b07df8bb0b2401cd053b2b7c3

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 19:49:01 GMT
Last-Modified: Tue, 24 May 2022 15:22:57 GMT
Server: AmazonS3
x-amz-request-id: 45E0MTD1QRTVW43T
ETag: "2b0a39d5a49aad51c97ca6e71f3f4d58"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 78788
x-amz-id-2: XPPLBKE8sX3fqUB1zYhVRjQa3x30kC0xg5EbVaeJMOlnjmOzF9gpU8ytdmDl++MnBNDjGLaLTT8=

GET
H/1.1 200
OK archivo-semibold.woff2
airmiles-fonts.s3.amazonaws.com/ 11 KB
12 KB 119ms
54ms Font
binary/octet-stream 54.231.236.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/archivo-semibold.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&locale=fr_FR&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.236.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b653d07011d41db1bab22cada6f9b4eb8f2092f759104584239d67ef6987b80a

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 19:49:01 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:20 GMT
Server: AmazonS3
x-amz-request-id: 45E74XWX3GCR44MH
ETag: "f023c1e223eb8e25de33525b21c48999"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 11724
x-amz-id-2: Q+dUziv7dZVL9t2uHNt4rWL9bf8eHijrrnxtdNYhvB9sTYwmJ2wT0STRdYyEYwTsSIyvXIChA2k=

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 71ms
20ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 07 Dec 2022 19:59:07 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 85ms
36ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-CWLBQJLYC4&gtm=2oebu0&_p=856175322&_gaz=1&cid=2102633956.1670442540&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670442540&sct=1&seg=0&dl=https%3A%2F%2Foauth.airmiles.ca%2Flogin%3Fstate%3DhKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA%26client%3Dh0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t%26protocol%3Doauth2%26scope%3Dmemberbanner%26response_type%3Dcode%26audience%3Dairmiles-web-collector%26redirect_uri%3Dhttps%253A%252F%252Fservices.api.airmiles.ca%252Fservices%252Fairmiles%252Fsling%252Fno-cache%252Fauthenticate%26locale%3Dfr_FR%26connection%3Dmember-pin-idp-recaptcha%26utm_campaign%3D63357_auth0_admin_20221207_20221213%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dawareness_ek_convert&dt=AIRMILES%20%7C%20Ouvrez%20une%20session&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 19:49:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 94ms
32ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CWLBQJLYC4&cid=2102633956.1670442540&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 19:49:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 91ms
40ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CWLBQJLYC4&cid=2102633956.1670442540&gtm=2oebu0&aip=1&z=11825537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 19:49:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 790 B
1 KB 119ms
33ms XHR
application/json 52.5.17.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=6A3DF65A5832D31C0A495C35%40AdobeOrg&d_nsid=0&d_mid=45216140258799779833798141963249516031&ts=1670442540541

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.17.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-17-211.compute-1.amazonaws.com

Software

Resource Hash

3326ef49360cf649cee6eed44ea1834fa2d9abfbf097499afe814b572b8d8cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-2-v044-00a2e08e9.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: DhMedBSTRUU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://oauth.airmiles.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 496
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 delivery Show response
starget.airmiles.ca/rest/v1/ 353 B
719 B 138ms
39ms XHR
application/json 35.173.117.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://starget.airmiles.ca/rest/v1/delivery?client=loyaltyone&sessionId=890174185d6843c2b512eb5e57aa5397&version=2.8.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.117.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-117-185.compute-1.amazonaws.com
Software: /
Resource Hash: 9723fdaeb40bb95d74e79ecd66ad1c9ec0b9ef58341f8cd2fe8b1b5ad13a0263

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Dec 2022 19:49:00 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://oauth.airmiles.ca
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: b4eba661efe56ca0e54d676744ebcb35

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ 401 KB
160 KB 83ms
20ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 21:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163011
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 21:45:04 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 88ms
33ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76333024-1&cid=2102633956.1670442540&jid=312518941&gjid=753369066&_gid=592665406.1670442540&_u=aGBAiEAjBAAAAEAAI~&z=1734421425

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 19:49:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=856175322&t=pageview&_s=1&dl=https%3A%2F%2Foauth.airmiles.ca%2Flogin%3Fstate%3DhKFo2SBFdE5sWi04NExiNHh3NmRrV0Rfdi1jOVZfMFo1b21hc6FupWxvZ2luo3RpZNkgT3BZX0VUY0NyUXlqN3NzNHYxYXY5TTBmMjZFZUwteGejY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA%26client%3Dh0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t%26protocol%3Doauth2%26scope%3Dmemberbanner%26response_type%3Dcode%26audience%3Dairmiles-web-collector%26redirect_uri%3Dhttps%253A%252F%252Fservices.api.airmiles.ca%252Fservices%252Fairmiles%252Fsling%252Fno-cache%252Fauthenticate%26locale%3Dfr_FR%26connection%3Dmember-pin-idp-recaptcha%26utm_campaign%3D63357_auth0_admin_20221207_20221213%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dawareness_ek_convert&dp=%2Flogin&ul=en-us&de=UTF-8&dt=AIRMILES%20%7C%20Ouvrez%20une%20session&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjBAAAAAAAI~&jid=312518941&gjid=753369066&cid=2102633956.1670442540&tid=UA-76333024-1&_gid=592665406.1670442540&gtm=2wgbu0589MTWS&cd5=prod&cd9=1670442540046&cd11=1670442540046.o5ev8s2np&z=2066230772

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 06:51:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46667
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
loyaltyone.demdex.net/ Frame 348C 7 KB
3 KB 126ms
26ms Document
text/html 54.237.134.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.134.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-134-210.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v044-06e7723f5.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: tbSCAJPdQyo=
content-encoding: gzip
date: Wed, 7 Dec 2022 19:49:00 GMT
last-modified: Fri, 28 Oct 2022 11:03:30 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y5DuLAAAAJ4I5AN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=44713896673181090283749206232382771556
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5DuLAAAAJ4I5AN-

42 B
940 B

30ms
30ms

Image
image/gif

52.5.17.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5DuLAAAAJ4I5AN-

Requested by

Protocol

HTTP/1.1

Server

52.5.17.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-17-211.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v044-0cecb7907.edge-va6.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: I8LftDx4QLY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5DuLAAAAJ4I5AN-
Date: Wed, 07 Dec 2022 19:49:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 93ms
38ms Image
image/gif 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76333024-1&cid=2102633956.1670442540&jid=312518941&_u=aGBAiEAjBAAAAEAAI~&z=1164921117

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 19:49:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 94ms
41ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76333024-1&cid=2102633956.1670442540&jid=312518941&_u=aGBAiEAjBAAAAEAAI~&z=1164921117

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 19:49:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8BF4 43 KB
22 KB 51ms
51ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=fr&type=image&v=kIwrVVm2NtNiYWIMfmAv61AP&theme=light&size=invisible&badge=bottomright&cb=jsq4a2uzm6vw

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.140.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63801da788ad2abf28b9e587d813d6bf0ad933a96d6ac3eba88c8ab4cd93dd66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tbclMxXvv9yWWMadqAHmoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22826
content-security-policy: script-src 'report-sample' 'nonce-tbclMxXvv9yWWMadqAHmoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 19:49:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEC4j9kMZw9xlb3uKGQd_5qg&google_cver=1
dpm.demdex.net/ Frame 348C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDQ3MTM4OTY2NzMxODEwOTAyODM3NDkyMDYyMzIzODI3NzE1NTY=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDQ3MTM4OTY2NzMxODEwOTAyODM3NDkyMDYyMzIzODI3NzE1NTY=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC4j9kMZw9xlb3uKGQd_5qg&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

38ms
28ms

Image
image/gif

52.5.17.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC4j9kMZw9xlb3uKGQd_5qg&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.5.17.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-17-211.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-00c644239.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: jHw+9tpdT2c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 19:49:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC4j9kMZw9xlb3uKGQd_5qg&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 8BF4 52 KB
24 KB 67ms
22ms Stylesheet
text/css 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=fr&type=image&v=kIwrVVm2NtNiYWIMfmAv61AP&theme=light&size=invisible&badge=bottomright&cb=jsq4a2uzm6vw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 02:51:17 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 8BF4 405 KB
161 KB 78ms
34ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3304d2dd82d7fa8d0717b2215a98edc3e0164a8f9035ae4a8e6edff93c17e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164684
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 19:38:34 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 348C
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=44713896673181090283749206232382771556&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-D_DWhgVE2pG4NFZG6egbqhUxu9kDl__CEOo-~A

42 B
940 B

29ms
28ms

Image
image/gif

52.5.17.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-D_DWhgVE2pG4NFZG6egbqhUxu9kDl__CEOo-~A

Requested by

Protocol

HTTP/1.1

Server

52.5.17.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-17-211.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v044-06aee69c0.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BMQ1zKjTRE4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 07 Dec 2022 19:49:01 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-D_DWhgVE2pG4NFZG6egbqhUxu9kDl__CEOo-~A
content-length: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8BF4 2 KB
2 KB 21ms
21ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 05:38:29 GMT
x-content-type-options: nosniff
age: 51032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 14 Dec 2022 05:38:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8BF4 15 KB
16 KB 70ms
22ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 100150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Dec 2023 15:59:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8BF4 15 KB
15 KB 75ms
27ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 13:23:45 GMT
x-content-type-options: nosniff
age: 23116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 13:23:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8BF4 102 B
134 B 39ms
38ms Other
text/javascript 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=kIwrVVm2NtNiYWIMfmAv61AP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3957bb1a2210a69867b7ea2a7ab650b546b51d5181fdd6fbd2bddee30364c4da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=fr&type=image&v=kIwrVVm2NtNiYWIMfmAv61AP&theme=light&size=invisible&badge=bottomright&cb=jsq4a2uzm6vw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 19:49:01 GMT

GET
H2 200 RC2c0c2659f44a415294e0fcbaa6ee0460-source.min.js Show response
assets.adobedtm.com/cf65343579a7/3196a1cd60be/0cac6ed87f90/ 2 KB
1 KB 44ms
43ms Script
application/x-javascript 2600:1402:9800:594::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/0cac6ed87f90/RC2c0c2659f44a415294e0fcbaa6ee0460-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1402:9800:594::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 817ba80ef004a237ac3e262e0dc1f08d38d5d9ceec4e42d3626b757025dc3048

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:49:01 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 14:41:06 GMT
server: AkamaiNetStorage
etag: "51a9fb67f17c7e0f8a28ff2fa9da7b02:1669646466.263451"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1134
expires: Wed, 07 Dec 2022 20:49:01 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2E99 7 KB
1 KB 42ms
41ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr&v=kIwrVVm2NtNiYWIMfmAv61AP&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec24152738f59431a496c02c9b665218053c1a5e3312a13c6ab82d8e9b68a91f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zr4bfB5DYNUbppkhpekYmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-Zr4bfB5DYNUbppkhpekYmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 19:49:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 2E99 52 KB
24 KB 21ms
20ms Stylesheet
text/css 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=kIwrVVm2NtNiYWIMfmAv61AP&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 02:51:17 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/ Frame 2E99 405 KB
161 KB 24ms
24ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=kIwrVVm2NtNiYWIMfmAv61AP&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3304d2dd82d7fa8d0717b2215a98edc3e0164a8f9035ae4a8e6edff93c17e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 19:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164684
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 05:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 19:38:34 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 2E99 38 KB
23 KB 74ms
73ms XHR
application/json 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/kIwrVVm2NtNiYWIMfmAv61AP/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

913618c234fde33f77e498785ee2426365440311be27a624ec776f71b7495ea5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=kIwrVVm2NtNiYWIMfmAv61AP&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 07 Dec 2022 19:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23411
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 19:49:01 GMT

POST
H/1.1 200
OK event Show response
loyaltyone.demdex.net/ 636 B
1 KB 37ms
36ms XHR
application/json 54.237.134.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/event?d_dil_ver=9.5&_ts=1670442541819

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.134.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-134-210.compute-1.amazonaws.com

Software

Resource Hash

a27f0fc823961cf54dd92ced0d8759308220a25d6e59d5c3d968d20f05075b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcscanary-prod-va6-1-v050-02256f7ad.edge-va6.demdex.com 8 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 83FcQI/xS3Q=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://oauth.airmiles.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 413
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oauth.airmiles.ca/usernamepassword/login	1970-01-20 08:15:06	Name: _csrf Value: qvWkrCYR6Up-u2ORfemc5x0U
www.google.com/recaptcha	1970-01-20 12:19:54	Name: _GRECAPTCHA Value: 09ACJCI2mth5V0TCNLeu1fwRNQ8O8D3jHoXcCdkQ9N--KEVa-vCXnXV0OITg8_cQFCoe8x2ihUTHJtIMOXRvojOAM
.airmiles.ca/	1969-12-31 23:59:59	Name: nlid Value: a6b97418\|7e229fa
.airmiles.ca/	1970-01-20 17:36:42	Name: nllastdelid Value: 7e229fa
.airmiles.ca/	1969-12-31 23:59:59	Name: province Value: QC
.airmiles.ca/	1969-12-31 23:59:59	Name: returnTo Value: https_//www.airmiles.ca/fr/profil/convertir.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
.airmiles.ca/	1970-01-20 08:00:46	Name: AKA_A2 Value: A
oauth.airmiles.ca/	1970-01-20 16:46:40	Name: did Value: s%3Av0%3A315d5530-7668-11ed-8463-efc165b2f1cd.zzLlpQl7xq2GYg9Cbm8An%2BDNZx3cQe%2FYkJjFwQFkT0g
oauth.airmiles.ca/	1970-01-20 08:05:01	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJSe8hRiDzLYTlZzgW5IYFuCfghbaFYgMDyvAW2G_iS6X41r0ILCi6TJNDO8FTgJbr-L1D6K2nkOvp9uRSN8UXOmY29va2llg6dleHBpcmVz1_-B8CkAY5Tiq65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Lg6f2zwwqe2m9iLKlMtjETwrMCpPK7N3%2BH7CgPVExls
oauth.airmiles.ca/	1970-01-20 16:46:40	Name: did_compat Value: s%3Av0%3A315d5530-7668-11ed-8463-efc165b2f1cd.zzLlpQl7xq2GYg9Cbm8An%2BDNZx3cQe%2FYkJjFwQFkT0g
oauth.airmiles.ca/	1970-01-20 08:05:01	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQJSe8hRiDzLYTlZzgW5IYFuCfghbaFYgMDyvAW2G_iS6X41r0ILCi6TJNDO8FTgJbr-L1D6K2nkOvp9uRSN8UXOmY29va2llg6dleHBpcmVz1_-B8CkAY5Tiq65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Lg6f2zwwqe2m9iLKlMtjETwrMCpPK7N3%2BH7CgPVExls
.airmiles.ca/	1970-01-20 08:02:08	Name: _gid Value: GA1.2.592665406.1670442540
.airmiles.ca/	1970-01-20 17:36:42	Name: _ga_CWLBQJLYC4 Value: GS1.1.1670442540.1.0.1670442540.60.0.0
.airmiles.ca/	1970-01-20 17:36:42	Name: _ga Value: GA1.1.2102633956.1670442540
.airmiles.ca/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 12:19:54	Name: demdex Value: 44713896673181090283749206232382771556
.airmiles.ca/	1970-01-20 08:00:42	Name: _dc_gtm_UA-76333024-1 Value: 1
.airmiles.ca/	1969-12-31 23:59:59	Name: AMCVS_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: 1
.airmiles.ca/	1970-01-20 17:36:42	Name: mbox Value: session#890174185d6843c2b512eb5e57aa5397#1670444401\|PC#890174185d6843c2b512eb5e57aa5397.34_0#1733687341
.everesttech.net/	1970-01-20 16:46:18	Name: everest_g_v2 Value: g_surferid~Y5DuLAAAAJ4I5AN-
.dpm.demdex.net/	1970-01-20 12:19:54	Name: dpm Value: 44713896673181090283749206232382771556
.airmiles.ca/	1970-01-20 17:36:42	Name: AMCV_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: -2121179033%7CMCMID%7C45216140258799779833798141963249516031%7CMCIDTS%7C19334%7CMCAAMLH-1671047340%7C7%7CMCAAMB-1671047340%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1670449740s%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C5.3.0
.demdex.net/	1970-01-20 12:19:54	Name: dextp Value: 771-1-1670442540948\|30646-1-1670442541054
.yahoo.com/	1970-01-20 16:46:40	Name: A3 Value: d=AQABBC3ukGMCEF7heE-1vW_gIOiQ8DRhJbYFEgEBAQE_kmOaYwAAAAAA_eMAAA&S=AQAAAqOQIfFnNWFcy-7QtOE6EoE
.doubleclick.net/	1970-01-20 17:36:42	Name: IDE Value: AHWqTUl_zV1ctmayewIit_tRQlIxTHIdsZN3InHB4tHERZ2yIim6SI2rTPJjS447rPU
.oauth.airmiles.ca/	1970-01-20 08:43:54	Name: aam_tnt Value: seg%3D15722027%2Cseg%3D15559059%2Cseg%3D15722027%2Cseg%3D15779431

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airmiles-fonts.s3.amazonaws.com
airmiles.ca
analytics.google.com
assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dpm.demdex.net
fonts.gstatic.com
loyaltyone.demdex.net
oauth.airmiles.ca
polyfill.io
s3.amazonaws.com
starget.airmiles.ca
stats.g.doubleclick.net
t.prod1.programnews.airmiles.ca
www.airmiles.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
142.251.40.226
159.175.66.11
173.223.64.193
2001:4860:4802:34::181
2600:1402:9800:594::1e80
2606:4700:4400::6812:2675
2607:f8b0:4004:c08::9a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2008
2a04:4e42:800::282
3.220.196.113
3.99.14.233
35.173.117.185
52.217.40.46
52.5.17.211
54.231.236.193
54.237.134.210
76.13.32.147
1a0e46b8cdee9e8af9b0cd555d33c82b3b920509ecf48a0c49b8b45074e266a3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3326ef49360cf649cee6eed44ea1834fa2d9abfbf097499afe814b572b8d8cc4
34293ed931eff4c4e2745325de4be61d61dca201dc9cfcb55ba16f138459d3fc
3957bb1a2210a69867b7ea2a7ab650b546b51d5181fdd6fbd2bddee30364c4da
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
57709066bf6d023273173027dbddfdf2616578f524c9360f3fbb6e87740fab47
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63801da788ad2abf28b9e587d813d6bf0ad933a96d6ac3eba88c8ab4cd93dd66
78952943632e3c1c3b3313ba757aa35b716e9fca299604f1a8db3b8a83319ca6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
817ba80ef004a237ac3e262e0dc1f08d38d5d9ceec4e42d3626b757025dc3048
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
898a71b3a61190c5887818d4aa4180e55a098fb37a2a1866305d6b6db2b95fe0
8c3304d2dd82d7fa8d0717b2215a98edc3e0164a8f9035ae4a8e6edff93c17e4
913618c234fde33f77e498785ee2426365440311be27a624ec776f71b7495ea5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9723fdaeb40bb95d74e79ecd66ad1c9ec0b9ef58341f8cd2fe8b1b5ad13a0263
9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a
a27f0fc823961cf54dd92ced0d8759308220a25d6e59d5c3d968d20f05075b04
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b653d07011d41db1bab22cada6f9b4eb8f2092f759104584239d67ef6987b80a
bbc31236efcb01ab9ce0c1f3be3ed041cdc2b87b07df8bb0b2401cd053b2b7c3
bd3e0886413ad534cc1d803be54d6911870005163bc22377dbbe49a0811676a8
c5427cbdf3304a90ca8d8c741f262f899bfb7dbdef040c98946f78863424b799
c7e9db7516e1931769de448ee19b852670ffe81bc27b9e5133ea63d25b14888e
c8176d76366bbc4d4d305b43ec72f4beea505762fcb7b7a9cea816c726fb3dfa
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62b82e83927e214346a81bd6ce643d9f565c74dba8fde8b0a46647cc2017780
ec24152738f59431a496c02c9b665218053c1a5e3312a13c6ab82d8e9b68a91f
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

oauth.airmiles.ca Open in urlscan Pro 2606:4700:4400::6812:2675 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

91 %HTTPS

50 %IPv6

13 Domains

22 Subdomains

17 IPs

2 Countries

2568 kBTransfer

3869 kBSize

26 Cookies

8 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

oauth.airmiles.ca Open in urlscan Pro
2606:4700:4400::6812:2675 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

91 %
HTTPS

50 %
IPv6

13
Domains

22
Subdomains

17
IPs

2
Countries

2568 kB
Transfer

3869 kB
Size

26
Cookies

43 HTTP transactions
0 data transactions